#WordPress

Spectra - HackTheBox Writeup (10.10.10.229)

Easy-difficulty ChromeOS box with a focus on password reuse on WordPress. Privilege escalation by leveraging sudo rights on initctl to create a new malicious service and gain root access.

Posted on Mon, Jul 5, 2021 Easy Linux WordPress Password Reuse SUID Binary

Tenet - HackTheBox Writeup (10.10.10.223)

Medium-difficulty Linux box about exploiting insecure deserialisation vulnerabilities in a PHP data migration program under development. Privilege escalation by exploiting a race condition between Bash variable references in an SSH backup script.