Scenario: "Annapurna": High privileges

Level: Medium

Type: Hack

Tags: hack   advent2025  

Access: Email

Description: You are logged in as the user admin.

You have been tasked with auditing the admin user privileges in this server; "admin" should not have sudo (root) access.

Exploit this server so you as the admin user can read the file /root/mysecret.txt
Save the content of /root/mysecret.txt to the file /home/admin/mysolution.txt , for example: echo "secret" > ~/mysolution.txt

Root (sudo) Access: False

Test: Running md5sum /home/admin/mysolution.txt returns 47ee165a2262476f6866902a93f2a41d. (We also accept the md5sum of the same file without a newline at the end).

The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute.

Time to Solve: 20 minutes.