Monitors
Monitors
Monitors 341
Monitors
RETIRED MACHINE

Monitors

Monitors - Linux Linux
Monitors - Hard Hard

4.9

MACHINE RATING

3184

USER OWNS

2478

SYSTEM OWNS

24/04/2021

RELEASED
Created by TheCyberGeek

Machine Synopsis

Monitors is a hard Linux machine that involves `WordPress plugin` exploitation leading to a `command injection` via `SQL injection` through a well known network management web application in order to get a shell on the system. Then by performing basic service file enumeration one can gain the user password and thus a foothold to the system through SSH. The root stage consists of a `Java based XML RPC deserialization` attack against `Apache OFBiz` to gain a shell in a Docker container. Then it is possible by abusing the `CAP_SYS_MODULE` capability to load a malicious kernel module against the host and escalate privileges to root.

Machine Matrix

Ready to start your
hacking journey?