First Blood Available
Mission
This challenge contains a permissive sudo rule on a standard Linux utility. An unprivileged user can use the rule to execute arbitrary code as root. To solve the challenge, read /flag.
Starting toolkit (you may need more)
sudoWhy this matters in 2026
Sudo allowlists containing binaries that were never meant to live in an allowlist are the number-one finding in real Linux hardening audits. Every defender must learn to read sudoers the way an attacker does.
Mitigation era: 2026-04 · rotation policy: levels may be refreshed as CVEs are patched out of distro defaults.
How to reach this level
Use the password for phantom1 that you captured on the previous level, then:
ssh phantom1@phantom.breachlab.org -p 2223
SSH endpoint is being provisioned. Follow @BreachLab for launch announcement.
Log in to submit flags and track progress.