Linux – Page 2 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Hack The Box: Environment Machine Walkthough-Medium Difficulty

Environment HTB: Full User & Root Flag Capture Through Exploitation

Captured both the user and root flags on the Environment HTB machine! We exploited Laravel 11.30.0 (PHP 8.2.28) vulnerabilities, including argument injection (CVE-2024-52301) and UniSharp Laravel Filemanager code injection. By bypassing authentication with `–env=preprod` and leveraging the profile upload feature, we executed a PHP reverse shell and retrieved the user flag via `cat user.txt`. For root access, we decrypted `keyvault.gpg` from the `.gnupg` directory to obtain credentials and exploited sudo with preserved BASH\_ENV by crafting a script that spawned a privileged shell, ultimately gaining full control of the system.

#CyberSecurity #HTB #PenTesting #EthicalHacking #LaravelExploits #PrivilegeEscalation #PHP #Infosec #BugBounty #RedTeam

The post Hack The Box: Environment Machine Walkthough-Medium Difficulty appeared first on Threatninja.net.

September 6, 2025

0 comment

Linux UDisks Daemon Vulnerability Lets Attackers Access Privileged User Files

Red Hat has disclosed a critical security flaw in the Udisks daemon that allows unprivileged users to exploit an out-of-bounds read vulnerability and gain access to files owned by privileged accounts. The vulnerability, tracked as CVE-2025-8067, was pu…

September 1, 2025

0 comment

Hack The Box: Eureka Machine Walkthrough – Hard Dificulty

I enumerated Spring Boot Actuator endpoints, including /actuator/heapdump, which revealed plaintext credentials for oscar190. SSH login as oscar190 was successful, though the home directory was empty. Analysis of application.properties exposed Eureka credentials (EurekaSrvr:0scarPWDisTheB3st), granting access to the Eureka dashboard. By registering a malicious microservice, I retrieved miranda.wise credentials and captured the user flag. For privilege escalation, I identified a vulnerable log_analyse.sh script, performed command injection, and created a SUID bash shell in /tmp/bash. Executing this shell provided root access, allowing retrieval of the root flag and full control of the machine.

#CyberSecurity #EthicalHacking #HackTheBox #PenTesting #PrivilegeEscalation #WebSecurity #SpringBoot #CTF #BugHunting #InfoSec #RedTeam #OffensiveSecurity

The post Hack The Box: Eureka Machine Walkthrough – Hard Dificulty appeared first on Threatninja.net.

August 30, 2025

0 comment

First AI-Powered Ransomware PromptLock Targets Windows, Linux and macOS

ESET has identified PromptLock, the first AI-powered ransomware, using OpenAI models to generate scripts that target Windows, Linux…

August 28, 2025

0 comment

APT36 Targets Indian BOSS Linux Using Weaponized .desktop Shortcut Files

Researchers have unveiled ONEFLIP, a novel inference-time backdoor attack that compromises full-precision deep neural networks (DNNs) by flipping just one bit in the model’s weights, marking a significant escalation in the practicality of hardwar…

August 27, 2025

0 comment

Arch Linux Project Responding to Week-Long DDoS Attack

The Arch Linux Project has been targeted in a DDoS attack that disrupted its website, repository, and forums.
The post Arch Linux Project Responding to Week-Long DDoS Attack appeared first on SecurityWeek.

August 25, 2025

0 comment

Happy Birthday Linux! 34 Years of Open-Source Power

August 25, 2025, marks the 34th anniversary of Linux, a project that began as a modest hobby and has grown into the bedrock of modern digital infrastructure. On this day in 1991, 21-year-old Finnish student Linus Torvalds posted to the comp.os.minix ne…

August 25, 2025

0 comment

Stealth Threat Unpacked: Weaponized RAR Files Deliver VShell Backdoor on Linux Systems

Trellix Advanced Research Center has exposed an infection chain that weaponises nothing more than a filename to compromise Linux hosts. A spam message masquerading as a beauty-product survey offers a small reward and carries a RAR archive, yy.rar. When…

August 22, 2025

0 comment

Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection

Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit […]

August 21, 2025

0 comment

RingReaper Malware Targets Linux Servers, Stealthily Evading EDR Solutions

A new malware campaign dubbed RingReaper has emerged, targeting servers with advanced post-exploitation capabilities that exploit the kernel’s io_uring asynchronous I/O interface to bypass Endpoint Detection and Response (EDR) systems. This sophi…

August 21, 2025

0 comment

1 2 3 4 … 39