RCONFIG
OFFSEC - Proving Grounds - QUACKERJACK
·2473 words·12 mins
OFFSEC PG PRACTICE
RCONFIG
rConfig on port 8081 has SQLi leaking admin hash. CrackStation decrypts it for credentials. CVE-2019-19509 grants access. SUID find binary escalates to root.