Jewel
Jewel
Jewel 282
Jewel
RETIRED MACHINE

Jewel

Jewel - Linux Linux
Jewel - Medium Medium

3.6

MACHINE RATING

2579

USER OWNS

2389

SYSTEM OWNS

10/10/2020

RELEASED
Created by polarbearer

Machine Synopsis

Jewel is a medium difficulty Linux machine that features source code analysis of a Ruby on Rails web application. This reveals an unsafe use of RedisCacheStore (CVE-2020-8165), which is leveraged to get RCE. After archiving a foothold, we get command execution in the context of the unprivileged user `bill`. This user is allowed to run the `gem` command as root, but requires two-factor authentication to do so. In order to get around 2FA, we search for and find bill's password, and can then use the Google Authenticator utility to generate an OTP for sudo, in order to execute commands as root.

Machine Matrix

Ready to start your
hacking journey?