
  <rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
    <channel>
      <title>Bukhari&#39;s Archive </title>
      <link>https://b3ta-blocker.github.io/blog</link>
      <description></description>
      <language>en-us</language>
      <managingEditor>root.b3ta.blocker@gmail.com (Hassaan Ali Bukhari)</managingEditor>
      <webMaster>root.b3ta.blocker@gmail.com (Hassaan Ali Bukhari)</webMaster>
      <lastBuildDate>Fri, 10 Jul 2026 00:00:00 GMT</lastBuildDate>
      <atom:link href="https://b3ta-blocker.github.io/tags/freepbx/feed.xml" rel="self" type="application/rss+xml"/>
      
  <item>
    <guid>https://b3ta-blocker.github.io/blog/connected</guid>
    <title>Connected Machine (HackTheBox) — Step-by-Step Walkthrough</title>
    <link>https://b3ta-blocker.github.io/blog/connected</link>
    <description>Connected is a Linux machine compromised via CVE-2025-57819, an unauthenticated SQL injection in FreePBX 16 Endpoint Manager, leveraged to plant a cron-triggered web shell for RCE as the asterisk user, followed by privilege escalation through a writable config file executed by a root-owned Incron trigger.</description>
    <pubDate>Fri, 10 Jul 2026 00:00:00 GMT</pubDate>
    <author>root.b3ta.blocker@gmail.com (Hassaan Ali Bukhari)</author>
    <category>hackthebox</category><category>linux</category><category>easy</category><category>freepbx</category><category>sql-injection</category><category>rce</category><category>privilege-escalation</category><category>incron</category>
  </item>

    </channel>
  </rss>
