ENV_KEEP
OFFSEC - Proving Grounds - HUGS
·2377 words·12 mins
OFFSEC PG PRACTICE
HUGEGRAPH
ENV_KEEP
SSH with provided creds or exploit HugeGraph 1.2.0 (CVE-2024-27348) on 8080 for initial acces. Get mesbaha credentials from rest-server.properties file and SSH laterally, exploit sudo /home/mesbaha/reporter.sh to root.