wao
Checking for sudo privileges of the wao user after performing a basic system enumeration on the lab-2.university.htb host
wao@LAB-2:/var/tmp$ sudo -l
[sudo] password for wao: WebAO1337
Matching Defaults entries for wao on LAB-2:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
User wao may run the following commands on LAB-2:
(ALL : ALL) ALLThe wao user is root
This was noted in the motd that the lab-2.university.htb host is accessible by all the “Web Developers” as sudo users
Moving on to Privilege Escalation