700 B
700 B
Hack the Jail - Part 1
Difficulty
Very easy, but the participant needs to know about "sudo", which might be unknown for Linux novices.
How To Solve
If something says "permission denied" on Linux, try with sudo. In this case the /etc/sudoers file seems to contain a peculiar line related to the currently executing user ig. It states the following:
ig ALL = NOPASSWD: /bin/cat
This means that the ig user is allowed to execute the /bin/cat binary with elavated permissions without using a password.
Therefore executing:
sudo cat /flag.txt
reveals the flag.
Flag
IGCTF{ASimpleVisudoCanDoGreatDamage1}