HTB CDSA
Certified Defensive Security Analyst by Academy. Get started now!
Machine Synopsis
Chainsaw is a Hard Linux machine with various components in place. The server is running an Ethereum node, which is used to store and retrieve data. This can be modified by an attacker to set malicious data on the latest block and get code execution. The box contains an installation of IPFS ( Interplanetary File System ), and further enumeration reveals that it contains an encrypted SSH key, which can be cracked to gain lateral movement. This user has execute permissions on a SUID file, which interacts with another node running on localhost. This is exploited in a similar way as earlier to get a root shell.
Machine Matrix