Passage - HackTheBox Writeup (10.10.10.206)

Posted on Sat, Mar 13, 2021 | Medium, Linux, Web Application, CuteNews, USBCreator
A medium-difficulty Linux box that involves exploiting CuteNews 2.1.2 (CVE-2019-11447) and abusing Linux's official USB-creator tool to gain arbitrary file write as root.

Recon

Enumeration

Exploitation

Method 1: RCE script (/php/webapps/48800.py)

Method 2: Manual upload

Privilege Escalation

Persistence

Resources

  1. https://musyokaian.medium.com/cutenews-2-1-2-remote-code-execution-vulnerability-450f29673194
  2. https://github.com/musyoka101/CuteNews_2.1.2_RCE_exploit/blob/master/exploit.py
  3. https://unit42.paloaltonetworks.com/usbcreator-d-bus-privilege-escalation-in-ubuntu-desktop/