• Search for:

    Tag Archives: Wordpress

    1. Home  - 
    2. Posts tagged "Wordpress"
    21 Feb, 2026
    Hack The Box: GiveBack machine walkthrough – Medium Difficulity
    Medium Machine , , , , , , , , , ,

    Just completed the Giveback machine on Hack The Box (Medium difficulty).
    Started with Nmap → WordPress + vulnerable GiveWP 3.14.0 (CVE-2024-5932 / CVE-2024-8353 PHP Object Injection) → unauthenticated RCE via donation form PoC → reverse shell as bitnami in a Bitnami Kubernetes pod.
    Pivoted using mounted K8s service account token → abused the API + exploited a vulnerable legacy PHP-CGI intranet service → broke out to the host as user babywyrm → grabbed user.txt.

    For root: passwordless sudo on custom /opt/debug binary → used dumped secret as admin password → crafted malicious OCI config.json → ran privileged container via runc breakout → read root.txt.
    Great chain: web vuln → container escape → K8s lateral → sudo abuse.
    Loved the real-world Kubernetes misconfig + runc wrapper elements.

    #HackTheBox #CTF #PenetrationTesting #KubernetesSecurity #ContainerEscape #RCE #PrivilegeEscalation #Cybersecurity …

    Learn MoreHack The Box: GiveBack machine walkthrough – Medium Difficulity

    3 May, 2025
    HackTheBox – BigBang Machine Walkthrough (Hard Difficulty)
    Hard Machine , , , , , , , , , , , , , , , , , , , , ,

    Chained exploitation through misconfigured web app and internal services. We started by exploiting a WordPress plugin vulnerability (CVE-2023-26326) to upload files, followed by a file read vulnerability (CVE-2024-2961) for remote code execution. From there, we cracked the database credentials, gained SSH access as the shawking user, and leveraged a vulnerable API endpoint to escalate to root. This highlights how overlooked configurations and service misconfigurations can lead to a full server compromise.

    #CTF #PrivilegeEscalation #WebSecurity #CommandInjection #SSH #WordPress #LinuxPentesting #BugBounty #HackTheBox #RedTeam #CyberSecurity …

    Learn MoreHackTheBox – BigBang Machine Walkthrough (Hard Difficulty)

    29 Apr, 2023
    Hack The Box: Metatwo Machine Walkthrough – Easy Difficulty
    Easy Machine , , , , , , , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Metatwo Machine from Hack the Box This room will be considered a medium machine on Hack the Box What will you gain from the Metatwo machine? For the user

    Continue ReadingHack The Box: Metatwo Machine Walkthrough – Easy Difficulty

    16 Aug, 2022
    Hack The Box: Moderators Machine Walkthrough – Hard Difficulty
    Hard Machine , , , , , , , , , , , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Moderators Machine from Hack the Box This room will be considered a Hard machine on Hack The Box What will you gain from the Moderators machine? For the user flag,

    Continue ReadingHack The Box: Moderators Machine Walkthrough – Hard Difficulty

    29 Mar, 2022
    Hack The Box: Phoenix Machine Walkthrough – Hard Difficulty
    Hard Machine , , , , , , , , , , , , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Phoenix Machine from Hack the Box This room will be considered as a Hard machine on Hack The box What will you gain from the Phoenix machine? For the user flag, you

    Continue ReadingHack The Box: Phoenix Machine Walkthrough – Hard Difficulty

    6 Feb, 2022
    Hack The Box: Paper Machine Walkthrough – Easy Difficulty
    Easy Machine , , , , , , , , , , , , ,

    In this post, I would like to share a walkthrough of the Paper Machine from Hack the Box This room will be considered as an Easy machine on Hack The box What will you gain from Paper machine? For the user flag, you will

    Continue ReadingHack The Box: Paper Machine Walkthrough – Easy Difficulty

    28 Apr, 2021
    HackTheBox: Monitors Machine Walkthrough – Hard Machine
    Hard Machine , , , , , , , , , , , , , , , , , , , , , ,

    In this post, i would like to share a walkthrough on Monitors Machine. This room has been considered difficulty rated as a HARD machine We need to read the following article to fully managed the root of the machine During my time playing with

    Continue ReadingHackTheBox: Monitors Machine Walkthrough – Hard Machine

    19 Mar, 2021
    HackTheBox: Spectra Machine Walkthrough – Easy Difficulty
    Easy Machine , , , , , , , , ,

    In this post, i would like to share a walkthrough of the Spectra Machine. This room has been considered difficulty rated as an EASY machine Information Gathering on Spectra Once we have started the VPN connection, we can start the information gathering on

    Continue ReadingHackTheBox: Spectra Machine Walkthrough – Easy Difficulty

    24 Feb, 2021
    HackTheBox: Tenet Machine Walkthrough – Medium Difficulty
    Medium Machine , , , , , , , , , ,

    In this post, i would like to share walkthrough on Tenet Machine. This room has been considered difficulty rated as a Medium machine Information Gathering on Tenet Machine Once we have started the VPN connection, we can start the information gathering on

    Continue ReadingHackTheBox: Tenet Machine Walkthrough – Medium Difficulty