In this video I demonstrate how I get into and own a vulnerable virtual machine from hackthebox.eu. This box, as its name might suggest, is vulnerable to a shellshock exploit.
For those who don't know, shellshock is a vulnerability that has been laying unpublished for years, until it was released a couple of years ago. So, this exploit has been existing in unix based systems since 1989.
A decent estimate would be that during all of its years of existence, the vulnerability might have been affected billions of devices. So, this vulnerable machine and its main vector of attack is based on the shellshock vulnerability.
First you get a shell using a shellshock exploit and then you escalate your privileges (you get inside the machine as an unprivileged user). I hope you enjoy this video and I hope that you learn something useful from it - that will help you protect and secure the systems you manage.
I am curious about this though. More please
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit