Post

WordPress & Initctl on ChromeOS - Spectra @ HackTheBox

My video about Spectra, a 20-point machine on HackTheBox that involves admin access to a WordPress site, allowing us to upload a malicious plugin via Metasploit and get a shell. For root, we replace a file that is executed if we run sudo initctl.

This post is licensed under CC BY 4.0 by the author.