Getting Started - Privillage Escalation: I feel dumb

b15h09 · August 29, 2024, 9:50am

So this challenge made me feel really stupid lol.

I have a really bad habit(or good???) of over complicating while doing pen test challenges.

To get the first answer all I had to do is put in “sudo -su user2” and I would have been logged in.

But nowhere on the material did it say that was the answer.

So I ended up using ‘sudo -u user2 /bin/bash ./test.sh’ with ‘test.sh’ containing File Read (a) for bash from GTFOBins.

I was able to get the flag for user2 and id_rsa for root easily after that, but I feel really dumb for not knowing the intended way of getting in.

What lesson should I learn from this? Git gud? At least I solved it in an interesting way? I’m cooked?

I genuinely do not know… ;_;

b2k · August 29, 2024, 11:26am

There are many solutions. The more solutions you know, the better. Over-complicating is not an issue; use it to your advantage. If you learn how to solve things simply, you can use both methods.

That self-doubt is what science calls ‘Impostor Syndrome.’ It’s completely normal and happens to everyone. Focus on the fact that you found a solution, and you can easily learn the simple way.

Topic		Replies	Views
Getting Started Knowledge Check - 2 ways for Priv Escalation Academy	0	101	December 8, 2024
Password Attacks Lab - Medium Academy	67	8928	April 25, 2025
Module - Getting Started - Privilege Escalation - Second question Off-topic privilege-escaltion , getting-started	42	15827	December 12, 2024
Help with Linux Local Privilege Escalation - Skills Assessment Academy	51	5949	November 4, 2024
Getting Started: Nibbles - Privilege Escalation PART 2 (Walk-through + Questions) Academy	7	4177	February 6, 2025

Getting Started - Privillage Escalation: I feel dumb

Related topics