· 16 min medium Linux Nineveh
HTB: Nineveh
A multi-stage chain through phpLiteAdmin, LFI with path filtering, steganographic SSH key extraction, and a chkrootkit privilege escalation on an Ubuntu 16.04 host.
#htb
#linux
#brute-force
#lfi +3
· 16 min medium Linux Apocalyst
HTB: Apocalyst
A steganographic wordlist hidden in a WordPress uploads image provides the admin password through brute-force, then a world-readable .secret file and LXD group membership deliver root via container escape.
#htb
#linux
#wordpress
#steganography +2