Pseudo - H@cktivityCon CTF

Category: Misc
Solves (at time of writing): 219
Description: Someone here has special powers... but who? And how!?

Pseudo

We start out with an ssh session to a computer.

Initially we don't see that much, other than the many users on the machine.

Going after the name of the challenge, I decided to go check the sudoers file, they may have gotten their "special powers" through there.

On first glance we dont see anything special, but I noticed the #includedir line at the end.

The # in #includedir does *not* mean its a comment, in the sudoers file includes are prefixed with a #.

It includes the /etc/sudoers.d directory, so lets check that out!

Going to the directory, the only file we find is a README.

And in that file a user, with sudo privilieges, and his password!

We can log in as this user now (su todd).

After logging in we type sudo su to log in as the root user.

And checking /root we see a flag.txt

~sw1tchbl4d3, 31/07/2020 (dd/mm/yyyy)