
Level 4 → Level 5

Edit Escape · 380 pts · +50 first-blood bonus

First Blood Available

Mission

This challenge contains a sudo rule that allows the operator to edit a specific configuration file. A bug in the way the editor is invoked lets the operator open a file outside the allowed list. To solve the challenge, read /flag. You will need to look up a recent sudo security advisory.

Starting toolkit (you may need more)

sudoedit · sudo -l

Why this matters in 2026

Reading CVE advisories and adapting their fix description into an exploitation workflow is a daily task for every offensive security researcher. This challenge is practice at that specific skill.

Mitigation era: 2026-04 · rotation policy: levels may be refreshed as CVEs are patched out of distro defaults.

How to reach this level

Use the password for phantom4 that you captured on the previous level, then:

ssh phantom4@phantom.breachlab.org -p 2223

The SSH endpoint is being provisioned. Follow @BreachLab for the launch announcement.
