Machine Synopsis
Bighead is an "Insane" difficulty Windows box that involves advanced binary exploitation, registry enumeration, code review and NTFS alternate data streams (ADS). The web server's source code is found on GitHub and must be analyzed to find an overflow in a HEAD request. The overflow can be exploited using heap spraying and egg hunting, which results in a shell. Registry enumeration leads to a hex-encoded password for nginx, which is used to obtain an SSH shell through a port forward. Reviewing the PHP code reveals a file vulnerable to LFI, which is exploited to gain a root shell. The root flag has an ADS that is a KeePass database. This is cracked using the key to gain the final flag.