Nostromo

2023

HTB Traverxec: Formal Write-up

1338 words · 7 mins
Synopsis: Traverxec is an HTB machine that hosted an outdated Nostromo web server which was vulnerable to RCE. An attacker could gain a foothold on the machine by exploiting this vulnerability and then move laterally to the user david by inspecting the web config file. A bash script in the user's home directory revealed that the user could execute journalctl as root. This could be used to escalate privileges and gain full control of the machine.