Skip to main content

One post tagged with "LXD"

LXD (Linux Container) is a lightweight Linux virtualization manager that allows users to run multiple isolated Linux systems (containers) on a single host machine, sharing the same kernel and hardware resources. Containers created with LXD are similar to traditional VMs but use less overhead and provide faster startup times due to their shared kernel.

View All Tags

HTB | Included | Write-Up

· 25 min read

Summary:

We test connectivity and scan the target, then enumerate its TFTP service and web page. We find an unauthenticated upload function on TFTP and a Local File Inclusion (LFI) vulnerability on the web page. We use these to upload a PHP reverse shell and gain low-level access via LFI.

With this foothold, we upgrade our access to user level using the acquired clear-text credentials. We then grab the user flag, enumerate further, and exploit privilege escalation opportunities to reach root level access with the help of the lxdprivesc script. Finally, we obtain the root flag.

Machine Name: Included | Difficulty: Easy | OS: Linux