Machine Synopsis
Fatty is an insane-difficulty Linux machine featuring a three-tier client-server architecture with multiple vulnerabilities. Modifying the client application allows a path traversal, which is used to download the server application. Admin access can be obtained by exploiting a SQL injection vulnerability in the login function. Exploiting a deserialization vulnerability in the change password function provides a foothold. A root shell can be gained by exploiting the cronjob.