0xdf.gitlab.io/2018/10/20/htb-tartarsauce.html
Preview meta tags from the 0xdf.gitlab.io website.
Linked Hostnames
10- 22 links to0xdf.gitlab.io
- 5 links toapp.hackthebox.com
- 2 links toyoutube.com
- 1 link togithub.com
- 1 link togitlab.com
- 1 link tohackthebox.com
- 1 link toinfosec.exchange
- 1 link towww.buymeacoffee.com
Search Engine Appearance
HTB: TartarSauce
TartarSauce was a box with lots of steps, and an interesting focus around two themes: trolling us, and the tar binary. For initial access, I’ll find a barely functional WordPress site with a plugin vulnerable to remote file include. After abusing that RFI to get a shell, I’ll privesc twice, both times centered around tar; once through sudo tar, and once needing to manipulate an archive before a sleep runs out. In beyond root, I’ll look at some of the rabbit holes I went down, and show a short script I created to quickly get initial access and do the first privesc in one step.
Bing
HTB: TartarSauce
TartarSauce was a box with lots of steps, and an interesting focus around two themes: trolling us, and the tar binary. For initial access, I’ll find a barely functional WordPress site with a plugin vulnerable to remote file include. After abusing that RFI to get a shell, I’ll privesc twice, both times centered around tar; once through sudo tar, and once needing to manipulate an archive before a sleep runs out. In beyond root, I’ll look at some of the rabbit holes I went down, and show a short script I created to quickly get initial access and do the first privesc in one step.
DuckDuckGo
https://0xdf.gitlab.io/2018/10/20/htb-tartarsauce.htmlHTB: TartarSauce
TartarSauce was a box with lots of steps, and an interesting focus around two themes: trolling us, and the tar binary. For initial access, I’ll find a barely functional WordPress site with a plugin vulnerable to remote file include. After abusing that RFI to get a shell, I’ll privesc twice, both times centered around tar; once through sudo tar, and once needing to manipulate an archive before a sleep runs out. In beyond root, I’ll look at some of the rabbit holes I went down, and show a short script I created to quickly get initial access and do the first privesc in one step.
General Meta Tags
9- titleHTB: TartarSauce | 0xdf hacks stuff
- nameHTB: TartarSauce
- charsetutf-8
- X-UA-CompatibleIE=edge
- viewportwidth=device-width, initial-scale=1
Open Graph Meta Tags
6- og:titleHTB: TartarSauce
og:localeen_US- og:descriptionTartarSauce was a box with lots of steps, and an interesting focus around two themes: trolling us, and the tar binary. For initial access, I’ll find a barely functional WordPress site with a plugin vulnerable to remote file include. After abusing that RFI to get a shell, I’ll privesc twice, both times centered around tar; once through sudo tar, and once needing to manipulate an archive before a sleep runs out. In beyond root, I’ll look at some of the rabbit holes I went down, and show a short script I created to quickly get initial access and do the first privesc in one step.
- og:urlhttps://0xdf.gitlab.io/2018/10/20/htb-tartarsauce.html
- og:site_name0xdf hacks stuff
Twitter Meta Tags
2- twitter:cardsummary
- twitter:site@0xdf_
Link Tags
11- alternatehttps://0xdf.gitlab.io/feed.xml
- canonicalhttps://0xdf.gitlab.io/2018/10/20/htb-tartarsauce.html
- icon/assets/icons/favicon-32x32.png
- icon/assets/icons/favicon-16x16.png
- stylesheet/assets/css/bootstrap-toc.min.css
Emails
1Links
36- https://0xdf.gitlab.io
- https://0xdf.gitlab.io/2018/10/20/htb-tartarsauce.html
- https://0xdf.gitlab.io/2018/10/21/htb-tartarsauce-part-2-backuperer-follow-up.html
- https://0xdf.gitlab.io/about
- https://0xdf.gitlab.io/cheatsheets