2

I am currently trying to escalate my privileges on an Ubuntu box. When I enumerated the server and run "sudo -l" command, I found out /usr/bin/vi set to (root) NOPASSWD.

(root) NOPASSWD: /usr/bin/vi /var/www/html/*

Then I wanted to use vi for my purpose to escalate my privs to root, so I wanted to create a file with running the command below, so I can run my shell in vi.

sudo /usr/bin/vi somefile.txt

Then I got this error:

sudo: no tty present and no askpass program specified

If someone help me with this issue, it is really appreciated.

  • I just would like to able to run this command without error:

    sudo /usr/bin/vi somefile.txt

Blacklion
  • 93
  • 9
  • 1
    Just spawn a tty shell: https://netsec.ws/?p=337 – Andrew Morozko Jul 19 '19 at 02:23
  • 2
    @AndrewMorozko that would migitage the error that is posted in the question, but it wouldn't solve OPs problem: 'somefile.txt' does not match '/var/www/html/*'. That's the reason, askpass is even called. (Yet, vi wouldn't work great without a tty, I recon) – Tobi Nary Jul 19 '19 at 07:20
  • @TobiNary is right. Spawning shell and the absolute path issue are different things. – Blacklion Jul 19 '19 at 17:00

2 Answers2

3

I know exactly what you are talking about and you are almost on the right track.

the sudo is letting you run /usr/bin/vi but in the same way you can't just do sudo vi somefile.txt, maybe there is a reason you can't do sudo /usr/bin/vi somefile.txt

For those wondering, I am hesitant to give an exact answer because this is an active CTF and it is discouraged to give the solution until it has been retired.

vsja
  • 71
  • 3
1

The thing here is all about reading the sudo -l command's result well as @vsja mentioned in the comments. Focusing on the results and the operation system my research ended up with this thread, which mentions to use the absolute path given in the sudo -l output.

Blacklion
  • 93
  • 9