Sandworm
Sandworm
Sandworm 548
Sandworm
RETIRED MACHINE

Sandworm

Sandworm - Linux Linux
Sandworm - Medium Medium

4.6

MACHINE RATING

4643

USER OWNS

3757

SYSTEM OWNS

17/06/2023

RELEASED
Created by C4rm3l0

Machine Synopsis

Sandworm is a Medium Difficulty Linux machine that hosts a web application featuring a `PGP` verification service which is vulnerable to a Server-Side Template Injection (`SSTI`), leading to Remote Code Execution (`RCE`) inside a `Firejail` jail. Plaintext credentials can be discovered within the jail, which lead to `SSH` access to the machine as one of its users. From there, a cronjob is discovered, which compiles and runs a `Rust` binary. The program relies on a custom, external logging crate to which the user has write access, which is then used to obtain a shell as the `atlas` user running the cronjob. Finally, a recent `Firejail` exploit (`CVE-2022-31214`) is used to create a sandbox where the attacker can run the `su` command and obtain a `root` shell on the target system.

Machine Matrix

Ready to start your
hacking journey?