Escalation Path: Sudo Flashcards
Explain what is escalation via shell escaping.
Some binaries have the functionality of spawning shells. If an user has sudo permissions over a binary like that, then he will be able to execute it with sudo and spawn a shell as root. So the user will escape the restricted shell that he was originally in.
Explain what is escalation via intended functionality.
Binaries that have an intended functionality that, when an user has sudo permissions over it, can be abused to give access to sensitive information.
Why is the sudo -l command so important?
Because it shows the binaries that the current user has sudo permissions over. So you can look for privilege escalation paths like shell escaping and intended functionality.