https://b3ta-blocker.github.io/blog A hands-on hacking blog covering penetration testing walkthroughs by Hassaan Ali Bukhari. en-us root.b3ta.blocker@gmail.com (Hassaan Ali Bukhari) root.b3ta.blocker@gmail.com (Hassaan Ali Bukhari) Wed, 06 Aug 2025 00:00:00 GMT https://b3ta-blocker.github.io/blog/code https://b3ta-blocker.github.io/blog/code Compromise of a Linux HackTheBox machine by escaping a Python code editor sandbox via subclass traversal to obtain a reverse shell, extracting and cracking MD5 credentials from a SQLite database, then escalating privileges by abusing a sudo-permitted backup script with a crafted JSON payload to read the root flag. Wed, 06 Aug 2025 00:00:00 GMT root.b3ta.blocker@gmail.com (Hassaan Ali Bukhari) linuxhacktheboxeasypython-sandbox-escapepath-traversalprivilege-escalation