JustSomePages - HTB Machine Writeup

Difficulty: Medium | OS: Other | Status: Completed

A forensic walkthrough of HTB Sherlock JustSomePages - tracing a full kill chain from PrimeFaces RCE (CVE-2017-1000486) through SQL Server xp_cmdshell, malicious WAR deployment, and NTDS credential exfiltration via a PowerShell HTTP backdoor.

Tags: SOC, CVE 2017-1000486

[ LOADING MACHINE DATA... ]

_

0xJerry's Lab

ONLINE

Privacy Policy Terms of Service

|Built in the shadows///