hugo
Checking for sudo privileges of the hugo user after gaining a lateral movement
hugo@blunder:~$ sudo -l
password: Password120
matching defaults entries for hugo on blunder:
env_reset, mail_badpass,
secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
user hugo may run the following commands on blunder:
(ALL, !root) /bin/bashThe hugo user is able to execute /bin/bash as anyone but the root user
This would mean that I could become anyone except for the root user (i.e. shaun or temp)
However, there is [[Blunder_Privilege_Escalation#[CVE-2019-14287](https //nvd.nist.gov/vuln/detail/CVE-2019-14287)|more]] to this due to the outdated sudo version