# sudo -l Binaries

### Overview

The command:

```bash
sudo -l
```

Lists commands the current user is allowed to run with elevated privileges. Many common Linux binaries allow a user to spawn a root shell from inside the program.

### Why this Works

This works because:

* `sudo` executes the allowed binary as **root**
* Many binaries allow command execution from inside them

### Prerequisites

* Local access as a non-root user
* Ability to run `sudo -l`
* At least one allowed binary that supports shell execution
* Either:
  * Passwordless sudo (`NOPASSWD`), or
  * Knowledge of the user’s password

### Steps

1. Run `sudo -l` to check for any sudo permissions.

   ```bash
   # Does not need the user's password to run as root
   (root) NOPASSWD: /usr/bin/vim
   # Needs the user's password to run it as root
   (root) /usr/bin/vim
   ```
2. Check if that binary has any misconfiguration to get back a shell as root. A great resource for this is [gtfobins](https://gtfobins.org/). Check for the `sudo` tab.

### References

1. <https://gtfobins.org>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://gokulkarthik.gitbook.io/pentesting-checklist/linux/linux-privilege-escalation/sudo-permissions/sudo-l-binaries.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.