I am trying to privilege escalate a vulnerable box and I’ve stuck with this output:
sudo -l Matching Defaults entries for charlie on sewers: env_reset, mail_badpass, secure_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin User charlie may run the following commands on sewers: (root) NOPASSWD: /bin/systemctl restart webmin
the only other thing that I have write privileges is a script inside the webmin directory:
I’ve added a user that I know the credentials and I run the sudo command. Basically it adds the user to the webmin interface. But here I am stuck because in the interface I can’t do anything else (all the known epxloits that I tried where not successful).
webmin version: 1.953
Can someone pinpoint me to the right direction?