Our target is qdPM, a free project management tool. The tool with the 9.2 version is vulnerable to Cross-site Request Forgery and we are going to inspect the application to leverage the vulnerability. First, we will try to exploit ourselves then we will check the defined CVE and exploit.
I am going to share my walkthrough for Vulnhub machine called “Geisha: 1”. The machine difficulty was a beginner to intermediate, the goal is to get the root shell i.e.(root@localhost:~#) and then obtain flag under /root).
In January 2019, researchers discovered a privilege escalation vulnerability in default installations of Ubuntu Linux. This was due to a bug in the snapd API, a default service. Any local user could exploit this vulnerability to obtain immediate root access to the system (Linux Privilege Escalation via snapd, n.d.). In this post, I am going to exploit one of the affected Ubuntu 16.04 using dirty_sock exploit via snapd which created by security researcher. Moreover, snapd serves up a REST API attached to a local AF_UNIX socket. Access control to restricted API functions is accomplished by querying the UID associated with any connections made to that socket. User-controlled socket peer data can be affected to overwrite a UID variable during string parsing in a for-loop. This allows any user to access any API function.
Hi All, this is my first blog entry which I decided to share my written walkthroughs related to retired machines on HTB. Frankly speaking, I am in the learning process and end of my development, I would like to look at my progress for checking what I learnt. Additionally, I want to share my knowledge with our peers or who wants to improve themselves.