WERKZEUG
OFFSEC - Proving Grounds - HETEMIT
·2153 words·11 mins
OFFSEC PG PRACTICE
WERKZEUG
SERVICE WRITABLE
Werkzeug/1.0.1 on port 50000 has RCE endpoint, gain initial access as cmeeks. Edit /etc/systemd/system/pythonapp.service and use sudo to reboot the target to escalate to root.