HackTheBox
HTB Irked Writeup: UnrealIRCd Backdoor to Root via SUID Abuse
Exploiting the UnrealIRCd 3.2.8.1 backdoor for initial shell access, then escalating to root through a custom SUID binary on Linux.
Articles
CTF Writeups
HTB Bank: Chasing Balance Transfers to Root Shell
DNS enumeration reveals a hidden banking application. File upload restriction bypass for webshell access, then root via writable SUID binary.
HackTheBox
HTB Nibbles: File Upload to Root
Nibbleblog CMS arbitrary file upload vulnerability for initial shell, then root access through sudo misconfiguration on Linux.
CTF Writeups
HTB Devvortex: From Joomla Info Disclosure to Root
Joomla information disclosure (CVE-2023-23752) leaking database credentials, then privilege escalation to root via apport-cli on Linux.
HackTheBox
HTB Bounty: File Upload to System via Chimichurri
IIS file upload bypass via web.config for initial shell on Windows, then SYSTEM access using the Chimichurri (MS10-059) kernel exploit.
CTF Writeups
HTB Blocky
Minecraft server enumeration, Java JAR plugin decompilation revealing hardcoded database credentials, and trivial root access via sudo su.