webadmin
Checking for sudo privileges of the webadmin after making a manual system enumeration
webadmin@serv:~$ sudo -l
Matching Defaults entries for webadmin on serv:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin
User webadmin may run the following commands on serv:
(ALL : ALL) /bin/nice /notes/*The webadmin user is able to execute the /bin/nice /notes/* command as anyone
nice
/Play/Potato/4-Post_Enumeration/attachments/{3AF303C1-24C8-4605-8428-E8BF809DACB1}.png)
According to GTFObins, nice can be abused for privilege escalation