web / hard
Browsed
hackthebox
Task: Full box exploitation of a website that processes Chrome extensions in a headless browser.
Solution: Upload a malicious extension that uses the chrome.debugger API for SSRF, exploit bash arithmetic evaluation injection ([[ $var -eq 0 ]]) for RCE as user, then poison the Python .pyc cache with a matching timestamp/size in a world-writable __pycache__ for root privilege escalation.
$ ls tags/ techniques/
flask ssrf bash_arithmetic_injection privilege_escalation chrome_extension debugger_api pyc_cache_poisoning gitea headless_chrome
malicious_extension_upload chrome_debugger_ssrf bash_eq_injection python_bytecode_poisoning timestamp_bypass