HackTheBox - MonitorsTwo Writeup
MonitorsTwo is an easy Hack The Box Linux machine featuring pre-auth RCE via a malicious X-Forwarded-For header, leading to a Docker container shell. A misconfigured SUID capsh binary grants root in the container. Cracked MySQL credentials allow SSH access to the host. Privilege escalation is achieved by exploiting Docker CVE-2021-41091 to access container-mounted files and reuse a SUID Bash binary.
September 3, 2023 1 min read CVE-2022-46169 CVE-2021-41091 upgrade-shell-using-script rce GTFOBins capsh mysql john docker