#sql-injection

3 posts

22 Jul 2022 · 22 min hard Linux Charon

HTB: Charon

A multi-stage Linux box requiring two SQL injection points, a case-sensitive keyword filter bypass, a hidden base64 upload field, RSA key factorisation, and a SUID binary with a newline injection to reach root.

#htb #linux #sql-injection #rsa +2

22 Apr 2022 · 16 min medium Linux Europa

HTB: Europa

An SQL injection bypass on a TLS-disclosed admin portal leads to PHP code execution via preg_replace's /e modifier, then a writable cron script grants root.

#htb #linux #sql-injection #openvpn +2

15 Apr 2022 · 16 min medium Linux Cronos

HTB: Cronos

DNS zone transfer discloses a hidden admin subdomain, SQL injection bypasses authentication, command injection provides a shell, and a writable cron script escalates to root.

#htb #linux #dns #sql-injection +2