Wordpress

HackTheBox – BigBang Machine Walkthrough (Hard Difficulty)

by darknite
2025-05-10

Chained exploitation through misconfigured web app and internal services. We started by exploiting a WordPress plugin vulnerability (CVE-2023-26326) to upload files, followed by a file read vulnerability (CVE-2024-2961) for remote code execution. From there, we cracked the database credentials, gained SSH access as the shawking user, and leveraged a vulnerable API endpoint to escalate to root. This highlights how overlooked configurations and service misconfigurations can lead to a full server compromise.

#CTF #PrivilegeEscalation #WebSecurity #CommandInjection #SSH #WordPress #LinuxPentesting #BugBounty #HackTheBox #RedTeam #CyberSecurity

Hack The Box: Metatwo Machine Walkthrough – Easy Difficulty

by darknite
2023-04-30

In this post, I would… Read More »Hack The Box: Metatwo Machine Walkthrough – Easy Difficulty

Hack The Box: Moderators Machine Walkthrough – Hard Difficulty

by darknite
2023-02-25

In this post, I would… Read More »Hack The Box: Moderators Machine Walkthrough – Hard Difficulty

Hack The Box: Phoenix Machine Walkthrough – Hard Difficulty

by darknite
2023-02-25

In this post, I would… Read More »Hack The Box: Phoenix Machine Walkthrough – Hard Difficulty

Hack The Box: Paper Machine Walkthrough – Easy Difficulty

by darknite
2023-02-23

In this post, I would… Read More »Hack The Box: Paper Machine Walkthrough – Easy Difficulty

HackTheBox: Monitors Machine Walkthrough – Hard Machine

by darknite
2023-03-07

In this post, i would… Read More »HackTheBox: Monitors Machine Walkthrough – Hard Machine

HackTheBox: Spectra Machine Walkthrough – Easy Difficulty

by darknite
2023-03-09

In this post, i would… Read More »HackTheBox: Spectra Machine Walkthrough – Easy Difficulty

HackTheBox: Tenet Machine Walkthrough – Medium Difficulty

by darknite
2023-03-09

In this post, i would… Read More »HackTheBox: Tenet Machine Walkthrough – Medium Difficulty