Meta was a Medium difficulty Linux box created by Nauten. Initial foothold on the box was to find RCE in
exiftool and uploading the modified image with payload to get a shell we get a shell as
www-data. Running pspy we see an cron running every minute with a script running we upload a modified svg and we get a shell as user. Rooting the box was pretty simple with just modifying the
XDF_CONFIG_HOME and running
neofetch with sudo and we get a shell as root.
Cap a easy linux box by hackthebox user InfoSecJack. The box revoled around finding a old pcap file with an idor and analysing that to find a user credential, using which we can ssh to the box with the credentials. Privileage escalation on the box was also simple checking for linux capabilities we find python have
cap_setuid using which we can get root.
Schooled, a FreeBSD machine on Hackthebox created by user TheCyberGeek was a medium difficulty machine. Initial foothold on this machine was Cross-Site Scripting (XSS) attack to steal Teacher cookie. After getting Teacher account It was about using an CVE
CVE-2020-14321 to get an RCE and a shell. After getting shell on the box it is about finding a hash cracking it and using that password to get user on the box. Privilege Escalation on the box was about creating a malicious package and installing it which get us root.