Category: Walkthroughs

This is an easy-rated retired HackTheBox machine which is running an open source web application vulnerable to command injection giving a foothold on the box. Cleartext creds and password reuse allows us to execute a custom docker like command with sudo privileges giving us the administrator credentials to a gitea server. While on the gitea…