Machine Synopsis
Drive is a hard Linux machine featuring a file-sharing service susceptible to Insecure Direct Object Reference (IDOR), through which a plaintext password is obtained, leading to SSH access to the box. Encrypted database backups are discovered, which are unlocked using a hardcoded password exposed in a Gitea repository. Hashes within the backups are cracked, leading to access to another user on the system whom has access to a root-owned binary with the SUID bit set. The program is reverse engineered, revealing the misuse of a printf function, which is used to read and subsequently bypass the canary on the stack. Finally, a sequence of ROP gadgets is used to obtain a shell on the target.
Machine Matrix