DevArea - HTB Machine Writeup

Difficulty: Medium | OS: Linux | Status: Completed

Exploit an unauthenticated Apache CXF MTOM file-read vulnerability to leak credentials, abuse Hoverfly middleware for RCE, then escalate to root via a world-writable /bin/bash.

Tags: CVE-2022-46364, SOAP LFI, Misconfigured SUID

[ LOADING MACHINE DATA... ]

_

0xJerry's Lab

ONLINE

Privacy Policy Terms of Service

|Built in the shadows///