Derailed
Derailed
Derailed 512
Derailed
RETIRED MACHINE

Derailed

Derailed - Linux Linux
Derailed - Insane Insane

4.7

MACHINE RATING

477

USER OWNS

436

SYSTEM OWNS

19/11/2022

RELEASED
Created by irogir & TheCyberGeek

Machine Synopsis

Derailed is an insane difficulty Linux machine that focuses on chaining web vulnerabilities such as Stored Cross-Site Scripting, Session Riding, Arbitrary File Inclusion and command injection in a `Rails` application. A buffer overflow vulnerability in a `WebAssembly` function is exploited in order to write an XSS payload into a secondary parameter, leading to a vulnerable administrative page that allows attackers to retrieve arbitrary system files; this can be leveraged to read the application source code from the `/proc` pseudo-filesystem and discover a command injection vulnerability, resulting in Remote Command Execution. Password re-use then gives access to an `openmediavault` user who has the rights to install `.deb` packages by calling a specific function from an `RPC` endpoint, ultimately resulting in the escalation of privileges through the execution of arbitrary code during the post-installation step.

Machine Matrix

Ready to start your
hacking journey?