HTB CDSA
Certified Defensive Security Analyst by Academy. Get started now!
Machine Synopsis
Patents is a hard difficulty Linux machine featuring a "Patents Management" application running on Apache. File and folder enumeration reveals a changelog containing vulnerability information. An upload form is found to be vulnerable to XXE via crafted Word documents. This is leveraged to read PHP source code and achieve command execution. An active cron job exposing credentials in plaintext is used to move laterally. Enumeration of scripts and folders reveals a binary that is vulnerable to a buffer overflow. This binary is analyzed and exploited to gain shell on the host server as root.
Machine Matrix