OnlyForYou – HackTheBox Writeup

Machine Name: OnlyForYou
IP: 10.10.11.210
Difficulty: Medium

Summary

OnlyForYou is a medium machine that starts with discovering a subdomain that is vulnerable to LFI. The LFI is used to read the source code of the application. Improper sanitization of user data in the a part of code that executes shell commands was leveraged to gain a shell as www-data. From this shell, two active ports were found, one of which hosted a login page that used default credentials. The dashboard revealed that the application uses Neo4j database. This information was used to test for Cipher injection. The cipher injection was successful and was used to gain password hashes from the database. The cracked hashes were used to login as user John. Privilege escalation involved abusing the “pip3 download” command that could be run as root by the user.

Read More