@leadOctopus said:
Think I need a nudge. I’m trying not to follow advice I don’t understand, and I’m currently all out of ideas. I know where the vulnerability is and I know how to use the vulnerable functionality in the way it’s intended. I don’t know how to exploit it and all my ideas have failed.
The best thing I can suggest is the same as the previous answers - try something, look at the error, google the error.
This will, eventually, narrow it down to one.
The ones I’ve looked up for this vulnerability all seem too vague to be really informative to me but they all have relatively high severities.
This is fairly common. There is a constant debate about how much information people should include within a CVE disclosure. Some high-profile security people feel it helps attackers too much if it contains anything useful.
Part of the argument about HTB’s ratings is based on how well any relevant CVEs work without modification/research. This is a medium box, so there will need to be modification to the public exploits to make it work.
How do experienced hackers approach CVEs like these (without spoiling the machine)? There are github links to the actual changes, but the one I think is the vulnerability on this box consists of 20 something commits, and I’m not quite at the point where I want to pore over 800 lines of someone else’s code to solve this box unless that’s actually what you all did, and after 5 pages of forum posts, I’m guessing that’s not the case.
I am not a hacker, so I don’t want to guess how other people work, but in general, the process is reading through and poring over the code.
With this box, I’d suggest trying the CVEs you have. See if they should work, then see if you can get them working. I found the initial steps narrowed it down to one, which made it easier to eliminate the bits which worked vs the bits which didn’t.