exploit – Sudo -l systemctl bypass

I am trying to privilege escalate a vulnerable box and I’ve stuck with this output:

    sudo -l
Matching Defaults entries for charlie on sewers:
    env_reset, mail_badpass,

User charlie may run the following commands on sewers:
    (root) NOPASSWD: /bin/systemctl restart webmin

the only other thing that I have write privileges is a script inside the webmin directory:


I’ve added a user that I know the credentials and I run the sudo command. Basically it adds the user to the webmin interface. But here I am stuck because in the interface I can’t do anything else (all the known epxloits that I tried where not successful).

webmin version: 1.953

Can someone pinpoint me to the right direction?