Machine Synopsis
Overflow is a hard-difficulty Linux machine that showcases different vulnerabilities and exploitation techniques such as Padding Oracle attacks, SQL Injection, Remote Code Execution in ExifTool (CVE-2021-22204) and binary exploitation. Foothold is obtained by running a Padding Oracle attack on a session cookie, obtaining administrator access to a web application. Next, an SQL Injection vulnerability is exploited to retrieve credentials that allow access to a second web application, which in turn contains information for accessing a third application, where image files can be uploaded, resulting in Remote Command Execution through ExifTool. Lateral movement to a second user is possible due to password reuse. With the ability to overwrite the `/etc/hosts` file, a scheduled job can be hijacked to execute an attacker-hosted payload, granting access to a third unprivileged user. Finally, exploiting a buffer overflow in a `setuid` binary results in the escalation of privileges to `root`.