Dog Machine (HackTheBox) — Step-by-Step Walkthrough
linuxhacktheboxeasygit-dumpercve-2022-42092file-uploadreverse-shellcredential-reusesudo-exploitationprivilege-escalation
Compromise of a Linux HackTheBox machine by dumping an exposed Git repository to extract database credentials, logging into Backdrop CMS as admin, exploiting an authenticated unrestricted file upload vulnerability (CVE-2022-42092) for RCE, and escalating privileges via a sudo misconfiguration on the bee CLI tool.
Read more →