Oouch
Oouch
Oouch 231
Oouch
RETIRED MACHINE

Oouch

Oouch - Linux Linux
Oouch - Hard Hard

4.9

MACHINE RATING

2176

USER OWNS

1941

SYSTEM OWNS

29/02/2020

RELEASED
Created by qtc

Machine Synopsis

Oouch is a hard difficulty Linux machine featuring web applications that use the OAuth authorization framework. Absence of a CSRF Token is leveraged to link an administrative account to our account, providing access to sensitive information. This information is used to register a new client application and steal the authorization code. This code is used to gain an access token, which provides unrestricted access to user resources. A misconfigured DBus server is then exploited through uWSGI in order to execute code in the context of root.

Machine Matrix

Ready to start your
hacking journey?