Hack the Box
Kenqz • penetration testing
Busqueda (easy)
Introduction
The user is redirected to a website that provides a search for any term the user supplies.
It is built with the Flask framework and submits the term with an HTTP POST request; the term is provided in the URL.
For the user flag, a quick Google search shows that the "Searchor 2.4.0" package is vulnerable to command injection.
An attacker can compromise the machine with a reverse shell.
The following post explains the compromise of the host in detail.
Tech stack:
- Flask
- Searchor 2.4.0 (vulnerable)