Let's explore Active Directory trusts! Trusted takes us through a web vulnerability, getting a foothold on the network and letting us abuse a DACL. DLL hijacking got us domain admin and abused the trust to escalate to enterprise admin.
Instant begins with a basic web page with limited functionality, offering only an APK download. From there, we explore the APK to uncover information that helps gain an initial foothold and another jump before getting root!
We are going to walk through Editorial on Hack the Box! It started by discovering a blind SSRF vulnerability that led to finding various API endpoints which leaked cleartext credentials. Additional credentials were discovered in a Git commit leading to abusing a Python script for escalation to root!
The machine starts with identifying an XSS vulnerability to steal an administrator’s cookie. This stolen cookie is then used to access a separate page vulnerable to code injection. Finally, a Bash script is exploited to escalate privileges to root.
PermX is an easy-rated machine on Hack The Box, created by mtzsec. It begins with discovering and exploiting a vulnerable learning management system to gain initial access. Password reuse and a Bash script exploit are used to escalate privileges and gain root access.
