Tag: SSTI
-
Late – HackTheBox
Late was an easy machine that required enumerating a subdomain to discover a Flask application used to OCR images. The application was vulnerable to Server Side Template Injection which allowed for remote code execution. This led to ssh access where it was discovered that a script run by root was in a writeable location from…
-
Bolt – HackTheBox
Bolt is a Medium level machine on HTB that was recently retired. Nmap scan: Enumeration: Port 80 – HTTP There’s a pretty basic website with not many obvious paths, but I was able to download a copy of the docker file that is presumably being used to run the webserver, so saving that for now,…
A Cyber Journey 