Feline
Feline
Feline 274
Feline
RETIRED MACHINE

Feline

Feline - Linux Linux
Feline - Hard Hard

4.8

MACHINE RATING

2616

USER OWNS

2167

SYSTEM OWNS

29/08/2020

RELEASED
Created by MinatoTW & MrR3boot

Machine Synopsis

Feline is a hard difficulty Linux machine that features an Apache Tomcat installation. This hosts a Java application that allows users to upload files of any type. The version of Tomcat 9.0.35 is found vulnerable to RCE via session persistence. After uploading a malicious session file and triggering it, we get a foothold as the Tomcat user. Enumeration reveals that SaltStack is running locally, which suffers from authentication bypass and directory traversal vulnerabilities, leading to RCE. We take advantage of an exposed Docker unix socket file in order to interact with Docker API and escape the container.

Machine Matrix

Ready to start your
hacking journey?