HackTheBox - Codify Writeup
Codify is an easy Hack The Box Linux machine featuring a Node.js code execution app using a vulnerable vm2 library, allowing RCE. A SQLite database reveals a crackable hash, granting SSH access. Privilege escalation is achieved via a misconfigured Bash script that exposes the root password.
nodejs vm2 vm2-v3.9.16 hashcat wildcard-injection pspy