HackTheBox - Nibbles Writeup
Nibbles is an easy Hack The Box Linux machine featuring a custom blogging platform. A login blacklist adds a slight challenge, but username enumeration and basic password guessing lead to access. Once logged in, a vulnerable file upload function enables Remote Code Execution, resulting in a shell. Privilege escalation is achieved via a poorly secured root script.
October 3, 2022 | Tags: CVE-2015-6967, nibbleblog, php-reverse-shell, gobuster, upload-vuln