We are solving Previse, an easy Linux machine on HackTheBox that involves command injection and path hijacking.
We are going to solve "Binary Heaven", a room on TryHackMe. It starts with some light reversing and debugging, and then we exploit a simple stack overflow followed by path hijacking for root.
We are going to solve Laboratory, which is an easy Linux machine on HackTheBox with a CVE on GitLab for user and path hijacking on a setuid binary for root.
Writeup is a nice, medium-difficulty machine on HackTheBox, featuring the use of a publicly available SQL injection exploit and a rather unique way to get root by using path poisoning.