This Repository contains a web challenge with a user token and a Linux privilege escalation challenge with a root token.
This challenge was part of the Hacker Contest at the TU Darmstadt 2021.
- Download the Git Large File Storage extension from here. Install with
git lfs install
- Clone Repository.
- Create personal access token here (To get access to the github container registry that contains the docker images for this challenge).
- Set env variable for access token
export CR_PAT=YOUR_TOKEN
,export CR_NAME=YOUR_GITHUB_USERNAME
. - Run
sudo chmod +x install.sh && sudo -E ./install.sh
. - Lets hack!.
The attached Walkthrough.pdf gives a detailed explanation of how to setup the challenge and how to solve it step by step.
This pdf just gives a few tips and tricks of how to find and exploit privilege escalation vulnerabilities.