Skip to content

Dog Walkthrough

Dog

Summary

The Dog box is an easy-rated HTB challenge focusing on a CMS exploit and privilege escalation through a PHP-based binary.

Walkthrough

  1. Nmap: Service and version scanning.
  2. GoBuster: Directory and file enumeration.
  3. robots.txt: Found interesting entries.
  4. git-dumper: Dumped the .git repository.
  5. Identify Email: Found an organization email.
  6. Analyze Dump: Found the matching mail in the git dump.
  7. Extract Password: Found the password in the configuration file.
  8. Login: Authenticated to the admin panel.
  9. Vulnerability Research: Search version of Backdrop CMS for exploits.
  10. Exploitation: Modules can be exploited from the admin page.
  11. Reverse Shell: List /etc/passwd or use a reverse shell script.
  12. Exploration: Noticed limited access initially.
  13. Password Spraying: Attempted password spraying on local users.
  14. User Access: Logged in as jonhcusack. FLAG
  15. Privilege Escalation: Ran sudo -l.
  16. Binary Analysis: Found the bee binary, which must be run from the Backdrop directory.
  17. Root Shell: Ran in /var/www/html with a PHP script command: system("/bin/bash").
  18. Victory: Gained ROOT access.