MakeSense - HTB Machine Writeup
Difficulty: Medium | OS: Linux | Status: Completed
A Medium difficulty HTB Linux box chaining a WordPress stored XSS (via a statically-keyed AES-GCM "encryption" bypass) to admin takeover, plugin-upload RCE, and root privesc through an internal OCR service's unrestricted file-write.
Tags: WordPress, Stored XSS, Privilege Escalation
[ LOADING MACHINE DATA... ]
_