Patents
Patents
Patents 224
Patents
RETIRED MACHINE

Patents

Patents - Linux Linux
Patents - Hard Hard

3.8

MACHINE RATING

1090

USER OWNS

887

SYSTEM OWNS

18/01/2020

RELEASED
Created by gbyolo

Machine Synopsis

Patents is a hard difficulty Linux machine featuring a "Patents Management" application running on Apache. File and folder enumeration reveals a changelog containing vulnerability information. An upload form is found to be vulnerable to XXE via crafted Word documents. This is leveraged to read PHP source code and achieve command execution. An active cron job exposing credentials in plaintext is used to move laterally. Enumeration of scripts and folders reveals a binary that is vulnerable to a buffer overflow. This binary is analyzed and exploited to gain shell on the host server as root.

Machine Matrix

Ready to start your
hacking journey?