First Blood Available
Mission
This challenge contains a directory that is meant to hold additional sudo configuration files. An unprivileged user has write access to that directory. To solve the challenge, read /flag.
Starting toolkit (you may need more)
lssudoWhy this matters in 2026
Misconfigured permissions on sudo include directories are a surprisingly common finding in container base images and quickly-built developer VMs. A single writable directory here is a one-line end-to-end root.
Mitigation era: 2026-04 · rotation policy: levels may be refreshed as CVEs are patched out of distro defaults.
How to reach this level
Use the password for phantom9 that you captured on the previous level, then:
ssh phantom9@phantom.breachlab.org -p 2223
SSH endpoint is being provisioned. Follow @BreachLab for launch announcement.
Log in to submit flags and track progress.