JWT & Docker CVE – TheNotebook @ HackTheBox
We are solving TheNotebook, a 30-point Machine on HackTheBox where we'll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
We are solving TheNotebook, a 30-point Machine on HackTheBox where we'll modify a JWT Token, upload a PHP-Webshell and use a Docker CVE to escalate privileges.
We are going to solve Ready, a 30-point machine on HackTheBox. For user, we exploit the "Import Repo by URL" Feature in Gitlab to SSRF into Redis and add a background job which then gives us a reverse shell. For root, we can mount the host filesystem into our privileged...
Registry is a 40-point machine on HackTheBox that involves interacting with a docker registry to download a docker image and finding a password and ssh private key inside. For root we exploit a flaw in bolt cms to upload a webshell and then abuse a sudo entry that allows us...