Hi everyone! This write-up is on an easy Linux machine which focused on enumerating the webpage source for backdoor access to login to a webpage, using command injection vulnerability for initial access, and path hijacking via sudo for root privilege. Let’s get started! 1. Nmap enumeration $ IP=10.10.11.182 $ sudo nmap -sC -sV -p- $IP […]
Hi everyone! Today’s post is on Previse, an easy HackTheBox Linux machine. This machine was released on 8 August 2021. In this machine, a URL redirect status 302 is exploited to leak the actual web page without logining in, exploiting unsanitized POST data run on the server’s PHP’s exec(), extracting user password from one-liner MySQL […]
Hi everyone! Today’s write-up is on Pandora, an easy GNU/Linux machine released on 10th January 2022. I won’t say the machine is easy if you are those who build the SQL injection exploit from scratch. Someone actually build the PoC exploit for an old CVE recently for this HackTheBox challenge so I leached on it. […]
Hi everyone! Today’s post is on path injection. Let’s get started. Identifying path injection vulnerability There are many ways that may lead to path injection vulnerability. However, this post will only focus on path injection vulnerability in bash scripts. Path injection vulnerability usually occurs if root users do not specify the full path of the […]
Hi everyone! Today’s post is on Writeup, an easy HackTheBox GNU/Linux machine. It was released on 9th June 2019. To access the server to get the user flag is fairly simple but to escalate privileges is quite hard for me to find clues until HackTheBox’s discussion forum helped me with some clues. This machine is […]
Lamecarrot 