Yummy (Hard) | Hack The Box

Products

Solutions for

Teams

Schools

Individuals

Products we offer

Courses & Certifications

Cyber Ranges

Enterprise Attack Simulations

Gamified Team Assessments

Workforce Exercises
new

Talent Sourcing

View all products for teams

Academy for Business

Build cybersecurity talent from within.

An interactive and guided skills development platform for corporate teams
looking to master offensive, defensive, and general security domains.

Read more

Start a free trial

Dedicated Labs

Deal with the latest attacks and cyber threats!

Ensure learning retention with hands-on skills development through a
growing collection of real-world scenarios in a dedicated team environment.

Read more

Start a free trial

Professional Labs

Assess an organization's security posture.

Assess and certify your team's skills and problem-solving abilities
with complex, realistic corporate scenarios.

Enterprise Labs

Cloud Labs

Get a demo

Capture The Flag

Where is your organization standing?

Benchmark your team capability and analyze skill gaps with engaging
competitions featuring market-leading cybersecurity content.

Host your private CTF

Get a demo

Crisis Control

AI-powered tabletops for executive and cyber teams

We are redefining traditional TTXs to fully measure and develop
organizational crisis readiness. See how your staff reacts under pressure
and protect the pivotal assets in your organization.

Book a call

Read more

Talent Search

Recruit and develop your next team member!

Source future talent directly from our 2.5M community of skilled
individuals and develop clear career paths.

Read more

Get a demo

Products we offer

Courses & Learning Paths

Hands-on Labs

Gamified Team Exercises

Industry Certifications

Programs

Student programs

Teacher programs

View all products for schools

HTB Academy

Start your cybersecurity journey.

From comprehensive beginner-level to advanced online courses covering
offensive, defensive, or general security domains.

Get a demo

Dedicated Labs

Deal with the latest attacks and cyber threats!

Ensure learning retention with hands-on skills development through a
growing collection of real-world scenarios in a dedicated classroom
environment.

Get a demo

Capture The Flag

Where is your classroom standing?

Benchmark your classroom capability and analyze skill gaps with
engaging competitions featuring market-leading cybersecurity content.

Host your private CTF

Industry Certifications

Create market-ready cybersecurity professionals.

Bridge the gap between education and the dynamic job market with
industry recognized certifications.

Get a demo

Student Programs

Student subscription.

Unlock 40+ courses on HTB Academy for $8/month. Kickstart your
cyber career from the fundamentals.

Start now

Teacher Programs

Classroom plans.

Access exclusive business features and training service by bringing HTB
to your classroom.

Get a demo

Products we offer

Courses & Learning Paths

Hands-on Labs

Gamified Hacking Events

Job Board
11+ jobs available

Industry Certifications

View all products for individuals

HTB Academy

Start your cybersecurity journey.

From comprehensive beginner-level to advanced online courses
covering offensive, defensive, or general security domains.

Get started for free

HTB Labs

Where real hackers level up!

An ever-expanding pool of labs with new scenarios released every week.

Hacking Labs

Defensive Labs

Red Teams Labs

Join now

Capture The Flag

Looking for a real gamified hacking experience?

Measure your skills in dynamic cybersecurity competitions.

HTB Seasons

Hacking Battlegrounds

Join a CTF event

Job Board

Land your first job in cyber.

Recruiters from the best companies worldwide are hiring through
Hack The Box.

Apply now

Industry Certifications

Become a market-ready cybersecurity professional.

Skyrocket your resume and land your dream job with industry recognized
certifications.

Start now
Solutions

Job Roles

Red Teams

Blue Teams

Purple Teams

Industries

Government

Finance

Consulting

Education

Use Cases

Onboarding and talent development

Benchmarking and skill gap analysis

Skill-based hiring and assessments

Continuous threat exposure management

Code security and risk mitigation

Governance, risk, and compliance

Real-time breach and crisis simulation

Customer Stories

Toyota & Hack The Box: bridge the
knowledge gap between security and cloud.

View all customer stories
Pricing
Resources

Resource Hub

Educational resources for hackers, schools and teams.

Explore all resources

Discord Server

Join over 250K hackers interacting and learning.

Hang out

Community

Upcoming Events

Meetups

Affiliate Program

SME Program

Ambassador Program

Parrot OS

Get Help

Help Center

Contact Support

From the Blog

Rethinking readiness: Key insights from our skills benchmarking webinar

Read more articles

Industry Reports

New release: 2024 Cyber Attack Readiness Report 💥

We threw 58 enterprise-grade security challenges at 943 corporate
teams and 4,944 security professionals from different industries. Here's
what we learned based on their performance and future security trends.

Download your guide
Company

Company

About us

Careers

Social Impact

Brand Guidelines

Certificate Validation

Legal

Contact us

Press

Partners

Enterprise Sales

Connect

LinkedIn

X

Youtube

Facebook

Why Hack The Box?

Work @ Hack The Box

Join our mission to create a safer cyber world by making cybersecurity
training fun and accessible to everyone. No boundaries, no limitations.

View open jobs

Featured News

Access specialized courses with the HTB Academy Gold annual plan.

Read more news

Store

HTB Swag

Buy Gift Cards

Business

Start free trial

Our all-in-one cyber readiness platform free for 14 days

Get a demo

Get in touch with our team of experts for a tailored solution

Yummy 628

RETIRED MACHINE

Yummy

Yummy - Linux

Linux

Yummy - Hard

Hard

4.7

MACHINE RATING

1999

USER OWNS

1810

SYSTEM OWNS

05/10/2024

RELEASED

Created by LazyTitan33

Machine Synopsis

Yummy is a hard box that starts with a Restaurant web app using Caddy web service, on port 80, where an attacker finds an arbitrary file read HTTP Location header, which is not handled and sanitized properly by default Caddy default configuration. Reading the source code, the web app uses JWT RSA keypairs to forge an admin token and escalate privileges on the web app. The admin panel has an SQL injection, allowing arbitrary file write, the attacker now overwrites a file running periodically (`cronjob`). Improper directory permissions allow the attacker to move laterally to `www-data` and eventually `dev` user. The `dev` user can execute `rsync` binary as root, which helps escalate privileges to root.

Machine Matrix

Ready to start your
hacking journey?

Join Now