Privilege Elevation - Unix

Sudo allows to launch commands as another user.

To know the sudo rights of your account, you must launch the command sudo -l and enter your password:

sudo -l
User1 can use the following commands on target-host :
    (ALL) NOPASSWD: /usr/bin/find
    user2 NOPASSWD: /usr/bin/python3 /home/user2/

It is then possible to run commands as user2 with the option -u user2

sudo /usr/bin/find  
sudo -u user2 /usr/bin/python3  /home/user2/ 

You can run find with root account rights, and with user2 account rights..

If the NOPASSWD option is not defined, the sudo command asks for the current account password. If you have entered through a webshell, or an ssh connection with a private key, you will have to manage to know the password.