HackTheBox_Shocker | w/ Metasploit

Posted Jul 19, 2024 Updated Aug 20, 2024

By Muqaram Majid

1 min read

HTB - Shocker

Overview

Shocker is a Linux machine on Hack The Box, focusing on exploiting the Shellshock vulnerability. The machine is a good practice for privilege escalation techniques.

Enumeration

nmap scan results

Directory busting results

The following directories were found during enumeration:

- /
- /cgi-bin/  → user.sh
- /icons/
- /icons/small/

There might be potential for script execution here:

Vulnerabilities

PORT 40/TCP

logrotate
Exploit: Exploit-DB #46676

PORT 2222/TCP

Username enumeration
Exploit: Exploit-DB #40136

Directory Vulnerability

/cgi-bin/user.sh - Shellshock

Exploitation

Exploiting Shellshock vulnerability

User Flag

Starting with the user flag:

Privilege escalation

Initially, access to the root directory was restricted, indicating lower privileges:

After escalating privileges:

Root Flag

Finally, the root flag was captured:

Pwned.

hackthebox, CTF, writeups

This post is licensed under CC BY 4.0 by the author.