DEV Community

Frank Promise Edah
Frank Promise Edah

Posted on

privelege escalation

As part of your onboarding, you've been tasked with setting a server up so that bob is a superuser. Set bob up so no password is required when he uses the sudo command and he can run any command. In addition, set up adam to be able to run the journalctl command as root without being prompted for a password.

STEP 1__ Add bob to sudo files
In order to add bob to sudo files, we have to first make bob a root user by user the sudo -i command and then run the visudo command.

STEP 2
inside the editor, press i on the keyboard to insert the folllowing:
bob ALL= (ALL) NOPASSWD: ALL
adam ALL=(root) NOPASSWD: /bin/journalctl

To exit, press the _esc key which makes insert to disappear, thereafter enter __:wq: to quit and save.

To check if your changes works properly, try:
sudo -adam
Try to install php as this user, and you will notice it doesnt allow you to because adam is only set to run /bin/journalctl.

Oldest comments (0)