Easy

Titanic [45 pts]

Challenge Description
Points: 45
  • Discover a path traversal on the website to recover the user flag and the Gitea database
  • Recover the user password from the Gitea database to gain access to the box
  • Use a CVE for ImageMagick in a script that runs periodically as root to read the root flag

Enumeration

Start enumeration with nmap to see which ports are open on the box.

kali@kali:~/HTB/titanic $ nmap -sC -sV -oA nmap/titanic 10.10.11.55
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-02-17 16:41 EST
Nmap scan report for 10.10.11.55
Host is up (0.089s latency).
Not shown: 998 closed tcp ports (reset)
PORT STATE SERVICE VERSION
22/tcp open ssh...