HTB: Doctor

Posted on 07 Feb 2021 in security • Tagged with security, boot2root, HTB, linux, SSTI, Splunk • 5 min read

Doctor card

This is a writeup about a retired HacktheBox machine: Doctor created by egotisticalSW and publish on September 26, 2020. This box is classified as an easy machine. The user part implied a server side template injection and finding a needle in a haystack. The root part required to use a Splunk exploit to elevate our privileges.


Continue reading