Soccer - Hackthebox (OSCP Prep) TJ Nulls - Tiny File Manager CVE, Websocket SQLI, Sticky Bits SUID
I'm going through these boxes as a part of TJ Null's list for Offsec's Pen-200 course as preparation before I take the deep dive into the course content.

Tiny File Manager CVE
Websocket SQLI
Sticky Bits SUID

Soccer is an easy difficulty Linux machine that features a foothold based on default credentials, forfeiting access to a vulnerable version of the Tiny File Manager, which in turn leads to a reverse shell on the target system (CVE-2021-45010). Enumerating the target reveals a subdomain which is vulnerable to a blind SQL injection through websockets. Leveraging the SQLi leads to dumped SSH credentials for the player user, who can run dstat using doas - an alternative to sudo. By creating a custom Python plugin for doas, a shell as root is then spawned through the SUID bit of the doas binary, leading to fully escalated privileges.

Skills Required
Basic web enumeration
Basic Linux enumeration
------------------
Skills Learned
Identifying blind SQL Injections
Leveraging SUID binaries to escalate privileges
------------------
Tools
manual enumeration
CVE
Websocket
SQLmap
------------------
My Certifications:
Practical Network Penetration Tester (PNPT): TCM Security - https://certifications.tcm-sec.com/pnpt/
Practical Junior Penetration Tester (PJPT): TCM Security - https://certifications.tcm-sec.com/pjpt/
Practical Junior Web Tester (PJWT): TCM Security - https://certifications.tcm-sec.com/pjwt/
Certified Ethical Hacker (CEH): EC-Council
--------------------
Socials:
Tryhackme: https://tryhackme.com/p/NoxLumens
Hackthebox: https://app.hackthebox.com/profile/17...
Twitch: / noxlumens