<- HTB

Sau


6 minutes to read

Sau
Hack The Box. Linux. Easy machine. This machine has a web application that is vulnerable to SSRF, which can be used to read the contents of an internal server, which is vulnerable to command injection. The two vulnerabilities can be chained to get RCE on the machine. The low-privileged user is able to run systemctl as root using sudo, which leads to the privilege escalation via the default pager less