Machine Synopsis
Mentor is a medium difficulty Linux machine whose path includes pivoting through four different users before arriving at root. After scanning an `SNMP` service with a community string that can be brute forced, plaintext credentials are discovered. These are used for an `API` endpoint, which proves to be vulnerable to blind remote code execution and leads to a foothold on a Docker container. Enumerating the container's network reveals a `PostgreSQL` service on another container, which can be leveraged into RCE by authenticating with default credentials. Examining an old database backup on the `PostgreSQL` container reveals a hash, which, once cracked, is used to `SSH` into the machine. Finally, by examining the configuration files on the host, the attacker is able to retrieve a password for user `james`, who is able to run the `/bin/sh` command with sudo privileges, which immediately yields `root` privileges.