Tag: CTF

All the articles with the tag "CTF".

Hack The Box - Editor Write-up : From RCE to Root via PATH Hijacking

29 Sep, 2025

A complete write-up for the HTB machine Editor. Initial compromise via an RCE on XWiki, pivoting to a system user, and escalating privileges through a PATH hijacking attack.
Hack The Box - Previous Write-up : LFI to Root via Terraform

20 Sep, 2025

Guide for the 'Previous' machine on Hack The Box. Learn to exploit an LFI (Path Traversal) vulnerability in NextJS for initial access and escalate privileges to root by hijacking a Terraform provider.

Hack The Box - Editor Write-up : From RCE to Root via PATH Hijacking