Overview

Logging is a Medium-difficulty Linux machine featuring log analysis vulnerabilities and privilege escalation techniques. This machine teaches:

  • Web application enumeration
  • Log injection attacks
  • Exploiting misconfigured logging systems
  • Linux privilege escalation

Enumeration

Port Scanning

Start with basic port enumeration to discover running services.

Key Findings:

  • SSH (22/tcp) - OpenSSH
  • HTTP (80/tcp) - Web server
  • Additional service on higher port

Web Application Analysis

The web application appears to be a logging/monitoring system. Look for:

  • User input fields that might write to logs
  • Log viewing functionality
  • Authentication mechanisms
  • API endpoints

Initial Foothold

Vulnerability Discovery

The application processes user input in an unsafe manner, leading to:

  1. Log injection - User input directly written to log files
  2. Path traversal - Improper validation of log file paths
  3. Code execution - Logs processed by a vulnerable component

Exploitation Hints

Think about:

  • How logs are processed after being written
  • What happens when logs contain special characters
  • Whether log rotation or processing occurs

User Flag Location: /home/[username]/user.txt

Privilege Escalation

Enumeration Phase

Once you have initial access, look for:

  • Processes running as root
  • Scheduled tasks (cron jobs)
  • SUID binaries
  • Writable configuration files
  • Sudo permissions

Root Path Discovery

The privilege escalation vector involves:

  1. A service running as root
  2. Misconfigured file permissions
  3. Exploiting the logging mechanism

Root Flag Location: /root/root.txt

Key Takeaways

  • Always sanitize user input before writing to logs
  • Log processing systems can become attack vectors
  • Proper file permissions are critical
  • Monitor what processes run as privileged users
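
The first takeaway and the path-validation flaw listed under Vulnerability Discovery, shown from the defending side. This is an added example, not code from the machine or from this write-up; the function names, the record format, the `*.log` naming rule and the /var/log/app directory are assumptions made for illustration.

```python
import re
from pathlib import Path

# CR/LF and other control characters let one request forge extra log lines
# or smuggle terminal escapes into whatever later reads the log.
_CONTROL = re.compile(r"[\x00-\x1f\x7f\u0085\u2028\u2029]")
_LOG_NAME = re.compile(r"[A-Za-z0-9_-]+\.log")  # assumed naming scheme


def sanitize_log_field(value: str, max_len: int = 256) -> str:
    """Return untrusted text in a form that stays on one log line."""
    value = value[:max_len].replace("\\", "\\\\")  # keep escapes unambiguous
    return _CONTROL.sub(lambda m: "\\u{:04x}".format(ord(m.group())), value)


def format_record(user: str, action: str) -> str:
    """Build one record; every untrusted field is escaped and quoted."""
    return 'user="{}" action="{}"'.format(
        sanitize_log_field(user).replace('"', '\\"'),
        sanitize_log_field(action).replace('"', '\\"'),
    )


def resolve_log_path(base_dir: str, name: str) -> Path:
    """Map a requested log name to a file that is provably inside base_dir."""
    if not _LOG_NAME.fullmatch(name):
        raise ValueError("log name not allowed: {!r}".format(name))
    base = Path(base_dir).resolve()
    candidate = (base / name).resolve()  # follows symlinks before the check
    candidate.relative_to(base)  # raises ValueError if outside base
    return candidate


if __name__ == "__main__":
    # Constructed input: a username carrying a forged second log line.
    forged = "guest\n2024-01-01 00:00:00 INFO login ok user=admin"
    print(format_record(forged, "login"))
    for requested in ("app.log", "../../etc/passwd", "/etc/passwd"):
        try:
            print(requested, "->", resolve_log_path("/var/log/app", requested))
        except ValueError as exc:
            print(requested, "-> rejected:", exc)
```

Escaping at write time only helps if the component that later processes the log treats each record as data; the path check resolves symlinks first so a link placed inside the log directory cannot point the viewer elsewhere.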

Tools Used

  • nmap - Port scanning
  • gobuster / ffuf - Directory enumeration
  • burpsuite - Request manipulation
  • netcat - Reverse shells
  • Standard Linux enumeration tools
