Enumerate the Linux environment and look for interesting files that might contain sensitive data. Submit the flag as the answer.
I manually enumerated pretty much all the directories. I can’t find anything, I did everything the form explained, can you help me please.
I ran sudo -l and it came up with ncdu, I read the vulnerabilities on GTFOBins, but when I run it with sudo, it doesn’t give me root permission.
I solved it, I found a similar exploit and used: sudo -u#-1 /bin/ncdu,
then the vulnerability said by GTFOBins.
Thank you so much, I was working on this for hours. I wonder if that is how you are supposed to solve it.
[quote=“Regon, post:2, topic:306884”]
sudo -u#-1 /bin/ncdu
[/quote]
ls -alt /home/lab_admn/
3.cat /home/lab_adm/.viminfo
Solved thanks. I need to clean my old messages.
im a little confused, ive got a root shell, however the flag in the root home is not correct.
Currently using grep to find all instances of flag.txt. looked through the shadow files but im struggling to crash the shadow files 
There is more than one flag on the box. The actual, correct flag, is not obvious to find. The file with the flag can’t be found with linpeas or linenum. I had to find it find a find command (can also do this with a python script) to find the correct flag. And you do not require root to do so.