Machine Synopsis
Derailed is an insane-difficulty Linux machine that focuses on chaining web vulnerabilities, namely Stored Cross-Site Scripting, Session Riding, Arbitrary File Inclusion and command injection, in a `Rails` application. A buffer overflow in a `WebAssembly` function is exploited to write an XSS payload into a secondary parameter, which gives access to a vulnerable administrative page that allows attackers to retrieve arbitrary system files; this can be leveraged to read the application source code from the `/proc` pseudo-filesystem and discover a command injection vulnerability, resulting in Remote Command Execution. Password re-use then gives access to an `openmediavault` user who has the rights to install `.deb` packages by calling a specific function from an `RPC` endpoint, ultimately resulting in the escalation of privileges through the execution of arbitrary code during the package's post-installation step.