Exploited exposed credentials in a .git repository to access Backdrop CMS, then used a remote command execution vulnerability (EDB-ID: 52021) for a reverse shell. Escalated to root by leveraging a misconfigured bee binary with sudo privileges, capturing both user and root flags.
#Cybersecurity #HackTheBox #PenetrationTesting #CTF #WebExploitation #PrivilegeEscalation #EthicalHacking #InfoSec #CyberSec #Hacking
Hack The Box Success: Cat Machine Write-Up Published!
I’ve just published my personal write-up for the Cat machine on Hack The Box. In this challenge, I gained the user flag by exploiting a Stored XSS vulnerability to capture the admin session cookie, followed by an SQL Injection to extract credentials and gain SSH access. For the root flag, I took advantage of a vulnerable image processing script owned by root, crafting a payload to gain a root shell and retrieve the flag. The full write-up dives into each step, the logic behind the attacks, and key takeaways.
#CyberSecurity #HackTheBox #PenetrationTesting #EthicalHacking #CTF #WriteUp #XSS #SQLi #PrivilegeEscalation #InfoSec #CTFWriteup
Introduction to Trickster: In this write-up, we will explore the “Trickster” machine from Hack The Box, categorized as a medium-difficulty challenge. This walkthrough will cover… Read More »Hack The Box: Trickster Machine Walkthrough – Medium Difficulty
In this post, I would like to share a walkthrough of the Pilgrimage Machine from Hack the Box This room will be considered an Easy machine… Read More »Hack The Box: Pilgrimage Machine Walkthrough – Easy Difficulty
In this post, I would like to share a walkthrough of the Encoding Machine from Hack the Box This room will be considered a medium machine… Read More »Hack The Box: Encoding Machine – Medium Difficulty
In this post, I would like to share a walkthrough of the UpDown Machine from Hack the Box This room will be considered a medium machine on… Read More »Hack The Box: UpDown Machine Walkthrough – Medium Difficulty
In this post, I would like to share a walkthrough of the Vessel Machine from Hack the Box This room will be considered a medium machine on… Read More »Hack the box: Vessel Machine Walkthrough – Hard Difficulty
In this post, I would like to share a walkthrough of the Devzat Machine from HackTheBox This room has been considered difficulty rated as a medium machine on HackThebox… Read More »HackTheBox: Devzat Machine Walkthrough – Medium Difficulty
In this post, i would like to share a walkthrough of the Cereal Machine. This room has been considered difficulty rated as a Hard machine Information Gathering on Cereal… Read More »HackTheBox: Cereal Machine Walkthrough – Hard Difficulty