🖥️Sudo Security Bypass: CVE-2019-14287

A tutorial room exploring CVE-2019-14287 in the Unix Sudo Program. Room One in the SudoVulns Series

TryHackMe | Sudo Security BypassTryHackMe

https://tryhackme.com/room/sudovulnsbypass

Room Attributes	Value
Subscription Required	False [Free]
Type	Walkthrough
Difficulty	Info
Tags	SudoVulns, CVE-2019-14287, Sudo, Beginner

Task 1 - Deploy!

Deployed!

No answer needed

Task 2 - Security Bypass

What command are you allowed to run with sudo?

HINT: Try using: sudo -l to see your privileges

Reveal Flag 🚩

🚩/bin/bash

What is the flag in /root/root.txt?

HINT: Get root using sudo (as a user with UID -1) with the command you found in the last question, then use cat /root/root.txt to get the flag.

Reveal Flag 🚩

🚩THM{l33t_s3cur1ty_bypass}