JOIN BREACHFORUMS TELEGRAM
HTB CBBH - Server-Side Attacks (Updated Flags)
by ir0nman4l1f3 - Monday August 26, 2024 at 05:04 PM
Breached
Member
Posts: 39
Threads: 12
Joined: Aug 2024
Reputation: 0
#1
Aug 26, 2024, 05:04 PM

  1.  Exploit a SSRF vulnerability to identify an internal web application. Access the internal application to obtain the flag. -> HTB{911fc5badf7d65aed95380d536c270f8}
  2. Exploit the SSRF vulnerability to identify an additional endpoint. Access that endpoint to obtain the flag. -> HTB{61ea58507c2b9da30465b9582d6782a1}
  3. Exploit the SSRF to identify open ports on the system. Which port is open in addition to port 80? -> 5000
  4. Apply what you learned in this section and identify the Template Engine used by the web application. Provide the name of the template engine as the answer. -> Twig
  5. Exploit the SSTI vulnerability to obtain RCE and read the flag. -> HTB{295649e25b4d852185ba34907ec80643}
  6. Exploit the SSTI vulnerability to obtain RCE and read the flag. -> HTB{5034a6692604de344434ae83f1cdbec6}
  7. Exploit the SSI Injection vulnerability to obtain RCE and read the flag. -> HTB{81e5d8e80eec8e961a31229e4a5e737e}
  8. Exploit the XSLT Injection vulnerability to obtain RCE and read the flag. -> HTB{3a4fe85c1f1e2b61cabe9836a150f892}
  9. Obtain the flag -> HTB{3b8e2b940775e0267ce39d7c80488fc8}
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [FREE] CPTS 12 FLAGS pulsebreaker 66 1,774 2 hours ago
Last Post: vlka
  [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired Tamarisk 370 92,500 7 hours ago
Last Post: lifolifo007
  Hack the box Pro Labs, VIP, VIP+ 1 month free Method RedBlock 23 2,209 10 hours ago
Last Post: kkkato
  [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags Techtom 20 2,521 Apr 29, 2026, 11:06 PM
Last Post: op334
Heart [FREE] HackTheBox All Cheatsheets Tamarisk 3 414 Apr 29, 2026, 10:36 PM
Last Post: op334

Forum Jump:


 Users browsing this forum: 1 Guest(s)