apt-get Privilege Escalation Linux

How to exploit sudoers entry apt-get command Sudo Privilege Escalation

I add a user hacker for testing and id command to check hacker user group-id and user-id and check our new user for sudo command with sudo su and see the error is user hacker is not allowed to execute /bin/bash as root

sudo su: mean change current user to superuser like root

apt-get  Privilege Escalation

Now our first Step is Lab Setup for SUOD Right Privilege Escalation I am using ubuntu 16.0 version

Now open your sudoers file this command for adding our user sudoers file

After opening the sudoers file I am adding our user hacker for apt-get command with no password

apt-get: aptget is a command-line tool which helps in handling packages in Linux and installs a new package and removes old package

And save the file

And execute a command for check sudoers file entry sudo -l

After the sudo -l command we see /usr/bin/apt is run as root without a password two way to Privilege escalation apt-get command

Privilege Escalation apt-get

changelog: mean Download and display the changelog for the given package

After opening the changelog file now execute the bash shell the command: !/bin/bash and Enter

and normal user hacker shell is changed to superuser root check with id command

The second way to Privilege Escalation apt-get command

And again we got a root shell

Perl python privilege escalation here read more privilege escalation link

Leave a Comment