Busqueda
Busqueda
Busqueda 537
Busqueda
RETIRED MACHINE

Busqueda

Busqueda - Linux Linux
Busqueda - Easy Easy

4.4

MACHINE RATING

18420

USER OWNS

14566

SYSTEM OWNS

08/04/2023

RELEASED
Created by kavigihan

Machine Synopsis

Busqueda is an Easy Difficulty Linux machine that involves exploiting a command injection vulnerability present in a `Python` module. By leveraging this vulnerability, we gain user-level access to the machine. To escalate privileges to `root`, we discover credentials within a `Git` config file, allowing us to log into a local `Gitea` service. Additionally, we uncover that a system checkup script can be executed with `root` privileges by a specific user. By utilizing this script, we enumerate `Docker` containers that reveal credentials for the `administrator` user's `Gitea` account. Further analysis of the system checkup script's source code in a `Git` repository reveals a means to exploit a relative path reference, granting us Remote Code Execution (RCE) with `root` privileges.

Machine Matrix

Ready to start your
hacking journey?