charles


Checking the sudo privileges of the charles user after manual enumeration

charles@pelican:/var/tmp$ sudo -l
Matching Defaults entries for charles on pelican:
    env_reset, mail_badpass,
    secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
 
User charles may run the following commands on pelican:
    (ALL) NOPASSWD: /usr/bin/gcore

The charles user can run /usr/bin/gcore as any user without being prompted for a password

According to GTFOBins, the gcore binary can be abused for privilege escalation
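
A defender-side check for the same condition, as an added example that is not part of the original write-up: it parses `sudo -l` output and flags rules that let a user run a watchlisted binary as root or ALL, recording whether a password is required. The function names and the `WATCHLIST` contents are assumptions; the sample input is the output shown above.

```python
import os
import re

# Constructed sample: the `sudo -l` output from this page, embedded so the check runs offline.
SAMPLE = r"""Matching Defaults entries for charles on pelican:
    env_reset, mail_badpass,
    secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin

User charles may run the following commands on pelican:
    (ALL) NOPASSWD: /usr/bin/gcore
"""

# Assumption: illustrative watchlist for this page, not a complete GTFOBins list.
WATCHLIST = {"gcore"}

RULE = re.compile(r"^\s+\((?P<runas>[^)]*)\)\s*(?P<tags>(?:[A-Z_]+:\s*)*)(?P<cmds>.+)$")

def parse_sudo_l(text):
    """Return one dict per command listed after 'may run the following commands'."""
    rules, in_rules = [], False
    for line in text.splitlines():
        if "may run the following commands" in line:
            in_rules = True
            continue
        m = RULE.match(line) if in_rules else None
        if not m:
            continue
        runas_user = m["runas"].split(":")[0].strip()  # drop the optional runas group
        tags = {t.strip() for t in m["tags"].split(":") if t.strip()}
        for cmd in filter(None, (c.strip() for c in re.split(r"(?<!\\),", m["cmds"]))):
            rules.append({"runas": runas_user, "tags": tags, "command": cmd})
    return rules

def audit(rules, watchlist=WATCHLIST):
    """Flag rules that run a watchlisted binary as root or ALL."""
    findings = []
    for r in rules:
        binary = os.path.basename(r["command"].split()[0])
        runs_as_root = any(u.strip() in ("ALL", "root") for u in r["runas"].split(","))
        if binary in watchlist and runs_as_root:
            findings.append({**r, "binary": binary, "no_password": "NOPASSWD" in r["tags"]})
    return findings

if __name__ == "__main__":
    for f in audit(parse_sudo_l(SAMPLE)):
        print(f"REVIEW: {f['command']} as ({f['runas']}) no_password={f['no_password']}")
```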