Asterisk


bash-3.2$ sudo -l
matching defaults entries for asterisk on this host:
    env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS MAIL PS1 PS2 QTDIR USERNAME LANG
    LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC
    LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"
 
user asterisk may run the following commands on this host:
    (root) nopasswd: /sbin/shutdown
    (root) nopasswd: /usr/bin/nmap
    (root) nopasswd: /usr/bin/yum
    (root) nopasswd: /bin/touch
    (root) nopasswd: /bin/chmod
    (root) nopasswd: /bin/chown
    (root) nopasswd: /sbin/service
    (root) nopasswd: /sbin/init
    (root) nopasswd: /usr/sbin/postmap
    (root) nopasswd: /usr/sbin/postfix
    (root) nopasswd: /usr/sbin/saslpasswd2
    (root) nopasswd: /usr/sbin/hardware_detector
    (root) nopasswd: /sbin/chkconfig
    (root) nopasswd: /usr/sbin/elastix-helper

The asterisk user can run a list of commands as the root user through sudo. The majority of them are privilege escalation vectors; I list the easier ones below:

  • /usr/bin/nmap
  • /bin/chmod
  • /bin/chown
  • /sbin/service
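
For reviewing a listing like this from the defender's side, the following added example (not part of the original write-up) parses `sudo -l` output and ranks each entry. The `audit` helper, the severity labels and the sample text are assumptions made here; the flagged set is limited to the four binaries named above.

```python
import re

# Constructed sample: a few entries from the listing above, plus two
# made-up lines (argument-restricted, non-root run-as) for contrast.
SAMPLE = """\
user asterisk may run the following commands on this host:
    (root) nopasswd: /sbin/shutdown
    (root) nopasswd: /usr/bin/nmap
    (root) nopasswd: /bin/chmod, /bin/chown
    (root) nopasswd: /sbin/service
    (root) nopasswd: /sbin/service httpd restart
    (apache) /usr/bin/nmap
"""

# The four binaries the write-up singles out; extend to match local policy.
PAGE_FLAGGED = {"/usr/bin/nmap", "/bin/chmod", "/bin/chown", "/sbin/service"}

# "(runas) TAG: TAG: /cmd args, /cmd2 args"
LINE = re.compile(r"^\s*\((?P<runas>[^)]+)\)\s*(?P<tags>(?:[A-Za-z_]+:\s*)*)(?P<cmds>/.*)$")

def audit(listing):
    """Return one finding per command in `sudo -l` output (hypothetical helper)."""
    findings = []
    for line in listing.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # headers, Defaults entries, blank lines
        runas = m.group("runas").split(":")[0].strip().lower()
        tags = {t.strip().upper() for t in m.group("tags").split(":") if t.strip()}
        as_root = runas in ("root", "all")
        nopasswd = "NOPASSWD" in tags
        # Split only on commas that start a new absolute path.
        for spec in re.split(r",\s*(?=/)", m.group("cmds").strip()):
            path, _, args = spec.partition(" ")
            any_args = not args.strip()  # sudoers: no argument list = any arguments
            flagged = path in PAGE_FLAGGED
            if as_root and nopasswd and flagged and any_args:
                level = "high"
            elif as_root and (flagged or any_args):
                level = "review"
            else:
                level = "low"
            findings.append({"path": path, "args": args.strip(), "level": level})
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f['level']:<7}{f['path']} {f['args']}".rstrip())
```

Entries ranked `high` are the ones to remove from sudoers or replace with a fixed argument list first; `review` entries still run as root and need a justification.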