Check Sudo List
Even a regular user may sometimes be granted access to the certain commands, tools or scripts through the sudoers list. This can open up the opportunity to bump up privilege.
You can list the sudo commands and scripts that the current user has access to using the command,
Access to script
Say for example the above command displays a script that you have access to, then it is a simple matter of adding the line "/bin/bash -i" to the script and then executing it. Since the script is being executed as sudo, all commands under it will also be executed as sudo.
Nano access to a folder
Now if you have Nano access to a specific folder as sudo, then you can acccess other folders through that folder.
For e.g. if you had access to "/home/david" then you can access "/home/david/../../etc/sudoers" to modify the file and grant yourself more access.
Vi access
With sudo access to Vi, its even easier to bump up the privilege by simply executing one of the following two commands,
Open a file to edit using the command,
Then switch to command mode and execute the command ":!bash"
Alternatively, you can also bump up by simply executing the command,
Last updated