SUDO

This one of the first step to do, when you get access to the machine just simpley run "sudo -l", which lists all the files that we can run as root without any password.
Once you have any to run then navigate to https://gtfobins.github.io/ and search for is the one specified is a system program or else modify the file with "/bin/sh" and run that.

Other tool is Sudo Inject

Ex: apt update hooking (PreInvoke)

sudo apt-get update -o APT::Update::Pre-Invoke::= /bin/bash

Last updated 1 year ago