Jarvis
Jarvis
Jarvis 194
Jarvis
RETIRED MACHINE

Jarvis

Jarvis - Linux Linux
Jarvis - Medium Medium

4.9

MACHINE RATING

9271

USER OWNS

8457

SYSTEM OWNS

22/06/2019

RELEASED
Created by manulqwerty & Gh0spp7

Machine Synopsis

Jarvis is a medium difficulty Linux box running a web server, which has DoS and brute force protection enabled. A page is found to be vulnerable to SQL injection, which requires manual exploitation. This service allows the writing of a shell to the web root for the foothold. The www user is allowed to execute a script as another user, and the script is vulnerable to command injection. On further enumeration, systemctl is found to have the SUID bit set, which is leveraged to gain a root shell.

Machine Matrix

Ready to start your
hacking journey?