What does this sudo -l output mean and can this be priv. escalated?

Question

I am trying to do priviledge escalation of a linux box. My sudo -l output shows the following :

www-data@box:/scripts$ sudo -l
sudo -l
Matching Defaults entries for www-data on box:
    env_reset, mail_badpass,
    secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin

User www-data may run the following commands on box:
    (scriptmanager : scriptmanager) NOPASSWD: ALL

What does the (scriptmanager : scriptmanager) mean?

And in one of the directories that I listed, it showed :

www-data@box:/scripts$ ls -l
ls -l
total 20
-rw-r--r-- 1 scriptmanager scriptmanager  88 Feb  8 09:11 dek.py
-rw-r--r-- 1 root          root            0 Feb  8 10:11 dik.py
-rw-r--r-- 1 www-data      www-data      129 Feb  8 09:25 mmm.py
-rw-r--r-- 1 scriptmanager scriptmanager  58 Dec  4 17:03 test.py
-rw-r--r-- 1 root          root           12 Feb  8 10:11 test.txt
-rw-r--r-- 1 www-data      www-data       85 Feb  8 10:08 tmp.py

Is there a way to priviledge escalate to a root shell? I have limited user shell without the password.

Answer 1

(scriptmanager : scriptmanager) NOPASSWD: ALL

means that you can run any command as scriptmanager, and optionally set your group to scriptmanager when doing so. You won't need to provide a password when doing so. The scriptmanager user (or group) may or may not have the privileges you ultimately want.

Answer 2

Try looking for files or executables that scriptmanager owns already that you can modify. Some of them may execute in a privileged context.