Pdfy Htb Writeup Upd Here

./bin/bash

Hack The Box (HTB) is a popular online platform that provides a virtual environment for cybersecurity enthusiasts to practice their skills and learn new techniques. The platform offers a variety of machines with different levels of difficulty, each with its unique challenges and vulnerabilities. In this writeup, we will focus on the PDFY machine, which was recently updated (UPD) on the HTB platform. Our goal is to provide a comprehensive walkthrough of the PDFY machine, covering its enumeration, exploitation, and privilege escalation. pdfy htb writeup upd

We then focus our attention on the PDF converter service running on port 8080. After analyzing the service using tools like curl and burpsuite , we discover that it allows users to convert various file formats to PDF. However, we also notice that the service does not perform any validation on user-input files, which could potentially lead to code execution vulnerabilities. Our goal is to provide a comprehensive walkthrough

Upon further examination, we find that the pdfy-converter service runs as the root user and uses a configuration file located at /etc/pdfy-converter/config.json . We also notice that the configuration file has weak permissions, allowing the pdfy user to modify its contents. However, we also notice that the service does

Upon launching the PDFY machine on HTB, we are provided with an initial IP address: 10.10.11.232 . Our first step is to perform an initial enumeration of the machine using tools like Nmap. We run the following command:

Using the information gathered during the privilege escalation phase, we devise a plan to gain root access. We modify the config.json file to execute a malicious command as the root user.

# Close the socket s.close()