· 17 min medium Linux Lazy
HTB: Lazy
A padding oracle in a custom PHP authentication cookie enables CBC bit-flipping to forge admin access, exposing an SSH key. A SUID binary with a relative PATH call to cat completes the root chain.
#htb
#linux
#padding-oracle
#crypto +2