|
|
|
| . | . |
/darkportal?token=ZnJvbXRoZWFiaXNz
It reads a file, XOR-decrypts it with a hardcoded key, then executes the output as a shell command if it starts with RUNECMD: . htb dark runes
Hack The Box (HTB) is a popular online platform that offers a virtual environment for cybersecurity enthusiasts to practice their hacking skills. One of the many challenges available on HTB is "Dark Runes," a Linux-based box that requires a combination of enumeration, exploitation, and privilege escalation techniques to gain root access. In this article, we'll guide you through the process of solving Dark Runes, providing you with a comprehensive understanding of the steps involved and the techniques used. /darkportal
Access DB:
Try re-creating the rune_decoder binary and see if you can find a different way to escalate without touching the root flag. In this article, we'll guide you through the
✅ RCE achieved.
psql -U rune_walker -h localhost darkrunes -W