ry4n.sh
  • Home
  • Contact
  • About
  • YouTube
Subscribe
Tagged

writeup

A collection of 1 post

Doctor - Exploiting SSTI @ Hack The Box
hack the box

Doctor - Exploiting SSTI @ Hack The Box

Doctor is a retired easy machine from Hack The Box that involves employing Server Side Template Injection in order to exploit a web application and establish a foothold on the box. From there, it is possible to exploit a vulnerability in the Splunk Universal Forwarder to gain root access. This

  • Ryan Gordon
Ryan Gordon Mar 4, 2021 • 6 min read
ry4n.sh © 2023
Powered by Ghost