Blog Posts

Strutted Writeup

#Medium

#Linux

This is a HackTheBox machine that contains a CVE against Apache struts 6.3 which allows for bypassing default upload security, that has been secured by checking the magic bytes, and filename of the file being added. Bypassing these security items, with a jsp webshell results in code execution. Enumeration then results in a user password, and an ssh session. After getting user a simple privilege escalation vector is shown via tcpdump.

01/24/2024