Laboratory
Laboratory
Laboratory 298
Laboratory
RETIRED MACHINE

Laboratory

Laboratory - Linux Linux
Laboratory - Easy Easy

4.2

MACHINE RATING

4946

USER OWNS

4808

SYSTEM OWNS

14/11/2020

RELEASED
Created by chvancooten

Machine Synopsis

Laboratory is an easy difficulty Linux machine that features a GitLab web application in a docker. This application is found to suffer from an arbitrary read file vulnerability, which is leveraged along with a remote command execution to gain a foothold on a docker instance. By giving administration permissions to our GitLab user it is possible to steal private ssh-keys and get a foothold on the box. Post-exploitation enumeration reveals that the system Laboratory has an executable program set as setuid. This is leveraged to gain a root shell on the server.

Machine Matrix

Ready to start your
hacking journey?