Command Injection, Prototype Pollution & Kubernetes - Unobtainium @ HackTheBox • Vulndev

04SepSeptember 4, 2021

Command Injection, Prototype Pollution & Kubernetes – Unobtainium @ HackTheBox

By xct CTF command injection, electron, hackthebox, kubernetes, linux, prototype pollution

This video is about Unobtainium, a 40-point Linux machine on HackTheBox. For user, we download an electron app and proxy it through burp to find some credentials, which we can then use on an API endpoint. Combining a command injection & prototype pollution will then lead to a first shell on a container. For root, we pivot onto a development container & use a token we find there to query Kubernetes for secrets. This leads to an admin token which we can use to spawn a privileged container & then escape it by mounting the host filesystem

Resources

Author

xct

Related Posts

30AprApril 30, 2021

Year of the Jellyfish @ TryHackMe

In this video, we are going to solve Jellyfish, a medium difficulty box from TryHackMe, which involves exploiting a PHP... read more

27NovNovember 27, 2021

Password Spraying, gMSA, ADIDNS & Constrained Delegation – Intelligence @ HackTheBox

We are solving intelligence, a nice windows machine on HackTheBox, created by Micah. For user, we will enumerate pdfs on... read more

13JunJune 13, 2020

Monteverde @ HackTheBox

Monteverde is a 30-point Windows machine on HackTheBox that involves some LDAP and SMB enumeration to get the user flag.... read more

17AprApril 17, 2021

Exploiting Gitlab 12.8.1 – Laboratory @ HackTheBox

We are going to solve Laboratory, which is an easy linux machine on HackTheBox with a CVE on Gitlab for... read more

09SepSeptember 9, 2021

SEH Based Buffer Overflow & DLL Hijacking – UT99 @ PG Practice

We are solving UT99, an intermediate windows box on PG Practice. On this box, we are going to exploit an... read more

15MayMay 15, 2021

Exploiting Gitlab 11.4.7 & Escaping a Privileged Docker Container – Ready @ HackTheBox

We are going to solve Ready, a 30-point machine on HackTheBox. For user, we exploit the "Import Repo by URL"... read more

28AugAugust 28, 2021

PHP Zerodium Backdoor & Sudo Knife – Knife @Hack The Box

This video is about Knife, a 20-point machine on HackTheBox that involves the zerodium php backdoor and using "sudo knife"... read more

20JulJuly 20, 2019

Craft @ HackTheBox

Craft is a medium difficulty box. read more

30JunJune 30, 2019

Haystack @ HackTheBox

Haystack is a 20 points machine on hackthebox, which in my opinion is not as easy as one might think.... read more

16FebFebruary 16, 2019

Giddy @ HackTheBox

In this post I will give a quick walkthrough on Giddy from hackthebox.eu. The machine involves (automated) sql injection, stealing... read more