Mission
This challenge contains a user who is a member of a Linux group that grants effective control over a local service. The service is powerful enough that membership in the group is equivalent to being root. To solve the challenge, read /flag.
Starting toolkit (you may need more)
groupsdockerWhy this matters in 2026
Certain Linux groups are effectively root by design. Adding a developer to one of them for convenience during dev is how real production incidents happen. Every sysadmin should be able to list these groups by heart.
Mitigation era: 2026-04 · rotation policy: levels may be refreshed as CVEs are patched out of distro defaults.
How to reach this level
Use the password for phantom12 that you captured on the previous level, then:
ssh phantom12@phantom.breachlab.org -p 2223
SSH endpoint is being provisioned. Follow @BreachLab for launch announcement.
Log in to submit flags and track progress.