Writer
Writer
Writer 361
Writer
RETIRED MACHINE

Writer

Writer - Linux Linux
Writer - Medium Medium

4.5

MACHINE RATING

3790

USER OWNS

3014

SYSTEM OWNS

31/07/2021

RELEASED
Created by TheCyberGeek

Machine Synopsis

Writer is a medium Linux machine that outlines poor coding practices and presents how a file read vulnerability through SQL injection can lead to disclosure of source code files which include credentials. The combination of password reuse on the SMB service with a blind SSRF exploitation via an image upload function can lead to a foothold on the system. By abusing Django features it is possible to extract and crack user credentials. Further abusing multiple misconfigurations in Postfix service leads to exploit privileges in the apt service folders allowing those users to execute commands as root through a script that updates the machine every minute.

Machine Matrix

Ready to start your
hacking journey?