Tag: sudo
All the articles with the tag "sudo".
WriteUp Coliseum - Vulnyx
Published:Writeup of the Coliseum machine (Vulnyx): IDOR with Roman numerals, RCE via PostgreSQL, automation of decrypting a chain of password-protected zips using Caesar cipher and final privilege escalation with BusyBox.
WriteUp Cursodex - TheHackersLabs
Published:Writeup of the Cursodex CTF from TheHackersLabs, exploring the exploitation of LLM tools through SSRF.
WriteUp Token Of Love - TheHackersLabs
Published:Writeup narrating the exploitation in "Token Of Love," where a hidden clue in IPFS is deciphered to obtain the private key and manipulate the JWT. Vulnerabilities in Node.js are exploited to achieve RCE, and by using sudo with tee and a vulnerability in rsync wildcards, privilege escalation to root is achieved.
WriteUp Matrix - Vulnyx
Published:This writeup documents the exploitation of a vulnerable machine inspired by Matrix, using traffic analysis, PHP injection, and privilege escalation with rsync to gain root access.