↓Skip to main content

PYTHON_VIRTUAL_ENVIRONMENT

OFFSEC - Proving Grounds - SPLODGE

5 October 2025·2019 words·10 mins

OFFSEC PG PRACTICE GIT GIT-DUMPER PYTHON_VIRTUAL_ENVIRONMENT PREG_REPLACE PWNKIT

Git repository on port 80 yields password via git-dumper. Login to admin panel on 8080, exploit preg_replace for initial access. Use pwnkit (CVE-2021-4034) to get root.