RedPanda
RedPanda
RedPanda 481
RedPanda
RETIRED MACHINE

RedPanda

RedPanda - Linux Linux
RedPanda - Easy Easy

3.9

MACHINE RATING

12645

USER OWNS

7245

SYSTEM OWNS

09/07/2022

RELEASED
Created by woodenk

Machine Synopsis

RedPanda is an easy Linux machine that features a website with a search engine made using the Java Spring Boot framework. This search engine is vulnerable to Server-Side Template Injection and can be exploited to gain a shell on the box as user `woodenk`. Enumerating the processes running on the system reveals a `Java` program that is being run as a cron job as user `root`. Upon reviewing the source code of this program, we can determine that it is vulnerable to XXE. Elevation of privileges is achieved by exploiting the XXE vulnerability in the cron job to obtain the SSH private key for the `root` user. We can then log in as user `root` over SSH and obtain the root flag.

Machine Matrix

Ready to start your
hacking journey?