There's an pretty fun set of challenges with an associated lecture about the permissions model on Linux[0]. The challenges have you find and (ab)use different commands to read a file containing a flag.
Could be a fun addition for those that want to go a bit deeper on V58 (the one about commands). I think it should be doable for anyone taking the course after reading the instructions.
Edit:
e.g. you can set SUID on find and use -exec to run cat and get the contents of the file.
[0] https://pwn.college/modules/suid
There's an pretty fun set of challenges with an associated lecture about the permissions model on Linux[0]. The challenges have you find and (ab)use different commands to read a file containing a flag.
Could be a fun addition for those that want to go a bit deeper on V58 (the one about commands). I think it should be doable for anyone taking the course after reading the instructions.
Edit:
e.g. you can set SUID on
findand use-execto runcatand get the contents of the file.[0] https://pwn.college/modules/suid