Late – HackTheBox Writeup

Machine Name: Late
IP: 10.10.11.156
Difficulty: Easy

Summary

Late has an interesting way of exploiting Server-Side Template Injection (SSTI) through image-to-text conversion. Once the application accurately recognizes the text in an image payload and executes it, we obtain a user-level shell. To escalate privileges, simple enumeration leads to an interesting file run by root. With some understanding of file attributes, it is easy enough to run code as root and gain root privileges.
