Medium
Cypher [30 pts]
| Challenge Description |
| Points: 30 |
| Solves: 4273 |
- bypass login form on a server using Cypher SQL injection
- find definition of custom functions used in Cypher which has command injection and abuse it to get reverse shell and user password
- find exploit in sudo executable program bbot to launch root shell
Enumeration
First, we run nmap to see, which ports are opened on the machine:
kali@kali:~/HTB/Cypher $ nmap -sC -sV -oA nmap/cypher 10.10.11.57 Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-03-07 14:31 EST Nmap...
This writeup is protected, as the machine is currently active. Check back later for the writeup.