Priv Escalation

SUDO VERSION VULNERABLE

wifi reset.py running as root (cant replace anything)

SUDO -L

I CAN WRITE RASP.INIT

User www-data may run the following commands on walla:
    (ALL) NOPASSWD: /sbin/ifup
    (ALL) NOPASSWD: /usr/bin/python /home/walter/wifi_reset.py
    (ALL) NOPASSWD: /bin/systemctl start hostapd.service
    (ALL) NOPASSWD: /bin/systemctl stop hostapd.service
    (ALL) NOPASSWD: /bin/systemctl start dnsmasq.service
    (ALL) NOPASSWD: /bin/systemctl stop dnsmasq.service

PwnKit

PreviousExploitation NextNotes

Last updated 2 years ago