🏷🏷 Publisher TryHackMe CTF walk through 🏷🏷
1.6 هزار بار بازدید -
ماه قبل
-
Test your enumeration skills on
Test your enumeration skills on this boot-to-root machine.
CVE-2023-27372 / SPIP publishing system
🏷 room link: https://tryhackme.com/r/room/publisher
The "Publisher" CTF machine is a simulated environment hosting some services. Through a series of enumeration techniques, including directory fuzzing and version identification, a vulnerability is discovered, allowing for Remote Code Execution (RCE). Attempts to escalate privileges using a custom binary are hindered by restricted access to critical system files and directories, necessitating a deeper exploration into the system's security profile to ultimately exploit a loophole that enables the execution of an unconfined bash shell and achieve privilege escalation.
🏷 script used:
https://github.com/nuts7/CVE-2023-27372
#tryhackme
CVE-2023-27372 / SPIP publishing system
🏷 room link: https://tryhackme.com/r/room/publisher
The "Publisher" CTF machine is a simulated environment hosting some services. Through a series of enumeration techniques, including directory fuzzing and version identification, a vulnerability is discovered, allowing for Remote Code Execution (RCE). Attempts to escalate privileges using a custom binary are hindered by restricted access to critical system files and directories, necessitating a deeper exploration into the system's security profile to ultimately exploit a loophole that enables the execution of an unconfined bash shell and achieve privilege escalation.
🏷 script used:
https://github.com/nuts7/CVE-2023-27372
#tryhackme
ماه قبل
در تاریخ 1403/04/09 منتشر شده
است.
1,648
بـار بازدید شده