If Nmap can be run with NOPASSWD via sudo, then you can break out into a root shell by creating a file containing os.execute("/bin/sh") and then running nmap --script=$FILE.
Search
July 31, 20241 min read
If Nmap can be run with NOPASSWD via sudo, then you can break out into a root shell by creating a file containing os.execute("/bin/sh") and then running nmap --script=$FILE.