LARAVEL
OFFSEC - Proving Grounds - LAVITA
·2978 words·14 mins
OSCP
OFFSEC PG PRACTICE
LARAVEL
SSH in or exploit Laravel 8.4.0 with APP_DEBUG is set to true to gain www-data access. Abuse skunk’s script to escalate to skunk and use sudo /usr/bin/composer to edit composer.json to escalate privileges.