HTB: Craft
Posted on 05 Jan 2020 in security • Tagged with security, boot2root, HTB, git, gogs, api, vault, linux • 6 min read
This is a writeup about a retired HacktheBox machine: Craft This box is classified as a medium machine. The user part is quit long and involve to find "secrets" in a git repository, access an API to get a reverse shell and manipulate a MySQL database in a jailed environment. The root part is quit easier and involve to interact with a vault instance.
Continue reading