HackTheBox_Nibbles w/o Metasploit
HTB - Nibbles
Enumeration
Nmap Scan Results
Homepage
Source Code
Nibbleblog Directory
Dirbusting Results
Content Page
Users File
Admin Username
Admin Login
Vulnerabilities
Nibbleblog v4.0.3
File injection multi/http/nibble_file_upload
Exploitation Without Metasploit
PHP Exploit Upload
Attempting Exploit
Reverse Shell Script
After uploading the file, visit:
http://10.10.10.75/nibbleblog/content/private/plugins/my_image/image.php?cmd=id
Reverse Shell
Upgrading Shell
Sudo Privileges
Running sudo -l reveals a script that can be run with root privileges:
Script Path
Adding Reverse Shell
Root flag:
User flag:
This post is licensed under CC BY 4.0 by the author.