OS command injection, port forward
InfluxDB-Exploit
Writeup
Writeup: CMS Made Simple < 2.2.10 - SQL Injection; PATH hijacking
Bastion
Explore
Explore: Android, ES File Explorer (CVE-2019-6447), SSH port forwarding
PersistenceIsFutile
Hackers made it onto one of our production servers 😅. We’ve isolated it from the internet until we can clean the machine up. The IR team reported eight different backdoors on the server, but didn’t say what they were and we can’t get in touch with them. We need to get this server back into prod ASAP – we’re losing money every second it’s down. Please find the eight backdoors (both remote access and privilege escalation) and remove them. Once you’re done, run /root/solveme as root to check. You have SSH access and sudo rights to the box with the connection details attached below.
username: user
password: hackthebox
Spectra
Spectra: WordPress
wp_admin_shell_upload
Delivery
Armageddon
Drupal drupal_drupalgeddon2
sudo snap install poc exploit dirty_sockv2.py