HackTheBox - Devvortex Writeup
Devvortex is an easy Hack The Box Linux machine running Joomla CMS vulnerable to info disclosure. The config file exposes plaintext admin credentials, enabling template injection for RCE. Cracked database hashes grant SSH access. Privilege escalation is achieved via apport-cli, run as root.
February 16, 2025 1 min read ffuf ffuf-vhost gobuster joomla! php-reverse-shell mysql hashcat apport-cli CVE-2023-1326 CVE-2023-26604 CVE-2023-23752 
