Hack The Box - Investigation [Medium] - 20/08/2023
HTB Writeup
This box consist of several vulnerabilities:
- Command Injection - Used a vulnerability in
exiftool
that allowed me to run arbitrary code. - Leaked Credentials - Then we found the
.msg
file which contained an event logs from a Windows machine where we found the credentials for usersmorton
. I wasted a lot of time an effort to figure that one out, so don’t be discouraged when you can’t find it in the first 5 mins. - Sudo commands - We then found the mysterious
/usr/bin/binary
file that we could use sudo with and that led us to analyze it further where we found that it accepts 2 arguments, and it downloads a file, saves it with a specific name and runs it usingperl
.