PYTHON WEBSERVER POST
OFFSEC - Proving Grounds - DEVELOP
·4146 words·20 mins
OFFSEC PG PRACTICE
GIT
TCPDUMP
COMMAND INJECTION
IFS
PYTHON WEBSERVER POST
PWNKIT
Access Git repository on port 80 for credentials, login application on port 8080 and use command injection to retrieve a SSH key. Exploit CVE-2021-4034 to become root.