Machine Synopsis
Data is an Easy Linux machine that involves exploiting `[CVE-2021-43798](https://nvd.nist.gov/vuln/detail/CVE-2021-43798)`, an arbitrary file read via path traversal in `Grafana`. By exploiting this vulnerability, the database file for Grafana is extracted, and the hashes in the database are converted to a format readable by `Hashcat`. The hash is then cracked and can be used for SSH access to the target as user `boris`. The compromised user has the privileges to execute `docker exec` as root on the system, allowing the user to escalate and obtain root access by adding the privileged flag to running containers and mounting the host filesystem.
Machine Matrix