HTB CDSA
Certified Defensive Security Analyst by Academy. Get started now!
Machine Synopsis
Zetta is a hard difficulty Linux machine running an FTP server with FXP enabled, which allows us to leak the server's IPv6 address and scan it. An rsync server is found to be running on the IPv6 interface, that can be brute-forced to gain access to a user's home folder. Enumeration yields a git repository containing a vulnerable template for rsyslog. This is exploited via SQL injection to execute code as the postgres user. A predictable password scheme is then leveraged to gain a root shell.
Machine Matrix