Noter – HackTheBox Writeup
Machine Name: Noter
IP: 10.10.11.140
Difficulty: Medium
Summary
Noter is a machine that expects basic enumeration to lead to session cookies, JWT secrets, and credentials to servers. It teaches code review, and identification of code injections. Privilege Escalation was fairly simple as it was achieved with a public exploit that required credentials obtained during enumeration. The exploit allowed command execution as root through MySQL to gain a root shell.
Read More