Machine Synopsis

`Giveback` is a medium-difficulty Linux box featuring a `WordPress` site vulnerable to an insecure deserialization flaw in the Give plugin, known as [CVE-2024-5932](https://nvd.nist.gov/vuln/detail/CVE-2024-5932), which allows unauthenticated remote code execution and provides an initial foothold in a containerized environment. Further enumeration reveals an internal service exposed via environment variables, accessible via port forwarding. Lateral movement is achieved by exploiting a `PHP-CGI` argument injection vulnerability [CVE-2024-4577](https://nvd.nist.gov/vuln/detail/CVE-2024-4577), resulting in command execution as the root user within the container. Enumeration of `Kubernetes` service account secrets allows the extraction of credentials, leading to SSH access to the host. Privilege escalation is achieved by exploiting a `runc` debug wrapper vulnerable to [CVE-2024-21626](https://nvd.nist.gov/vuln/detail/CVE-2024-21626), resulting in full root access on the host system.