https://hussienmisbah.github.io/tags/directory-traversal/ Recent content in Directory-Traversal on 0xMesbaha Hugo en Sat, 07 May 2022 12:49:13 +1000 https://hussienmisbah.github.io/posts/linux-machines/2022-05-07-unicode/ Sat, 07 May 2022 12:49:13 +1000 https://hussienmisbah.github.io/posts/linux-machines/2022-05-07-unicode/ <p>In This medium Box we are playing with JWT Tokens in specific the jku Claim Misuse , which will let us login as admin account then we will use the Unicode Encoding to read files on the system. Eventually we will find a password for user then ssh to login. for the root part we are abusing the sudo privilege on a binary which can read files on the system.</p> https://hussienmisbah.github.io/posts/linux-machines/2022-01-21-backdoor/ Sat, 23 Apr 2022 00:51:12 +0200 https://hussienmisbah.github.io/posts/linux-machines/2022-01-21-backdoor/ <p>In this easy Linux box we are facing a wordpress plugin vulnerable to directory traversal letting us reading some files on the system , brute forcing the /proc/[pid] found a vulnerable gdb server running , exploiting it will gain low privilege shell , then abusing the screen binary to get the root access.</p>