<- HTB

Ransom


7 minutes to read

Ransom
Hack The Box. Linux. Medium machine. This machine has a Laravel website with a login form that is vulnerable to Type Juggling. After that we find a encrypted ZIP file and we can perform a known plaintext attack to extract the files. The password expected for the login form is reused for the root user. Basic knowledge about web pentesting on PHP and knowledge about ZIP files is required in order to comprimise this machine