https://b3ta-blocker.github.io/blog A hands-on hacking blog covering penetration testing walkthroughs by Hassaan Ali Bukhari. en-us root.b3ta.blocker@gmail.com (Hassaan Ali Bukhari) root.b3ta.blocker@gmail.com (Hassaan Ali Bukhari) Thu, 17 Jul 2025 00:00:00 GMT https://b3ta-blocker.github.io/blog/dog https://b3ta-blocker.github.io/blog/dog Compromise of a Linux HackTheBox machine by dumping an exposed Git repository to extract database credentials, logging into Backdrop CMS as admin, exploiting an authenticated unrestricted file upload vulnerability (CVE-2022-42092) for RCE, and escalating privileges via a sudo misconfiguration on the bee CLI tool. Thu, 17 Jul 2025 00:00:00 GMT root.b3ta.blocker@gmail.com (Hassaan Ali Bukhari) linuxhacktheboxeasygit-dumpercve-2022-42092file-uploadreverse-shellcredential-reusesudo-exploitationprivilege-escalation