THM: Linux Agency
Game Zone
This Room will help you to sharpen your Linux Skills and help you to learn basic privilege escalation in a HITMAN theme. So, pack your briefcase and grab your SilverBallers as its gonna be a tough ride.
This is Linux Agency from THM. It doesn’t seem to have a rating? There are 31 flags which mostly involve basic concepts to grab, then you escalate through a bunch of users mostly with GTFOBins techniques. It’s only the last part I’m going to mention.
Final Steps
As maya, linpeas shows us this:
root 1395 0.0 0.3 404800 3432 ? Sl 01:41 0:00 _ /usr/bin/docker-proxy -proto tcp -host-ip 127.0.0.1 -host-port 2222 -container-ip 172.17.0.2 -container-port 22
We log in as robert using his SSH key and passphrase we found earlier:
We’re in a docker container.
We can become root in the container:
And then escape it:
root@ec96850005d6:/root# /tmp/docker -H unix:///run/docker.sock images -a
There is one called mangoman.
Note: docker wasn’t in the path, it was in /tmp for some reason; probably to make it harder. Linpeas pointed out run/docker.sock.