Bookworm
Bookworm
Bookworm 544
Bookworm
RETIRED MACHINE

Bookworm

Bookworm - Linux Linux
Bookworm - Insane Insane

3.9

MACHINE RATING

1016

USER OWNS

785

SYSTEM OWNS

27/05/2023

RELEASED
Created by JoshSH

Machine Synopsis

Bookworm is an insane Linux machine that features a number of web exploitation techniques. It features a website for a book store with a checkout process vulnerable to HTML injection, as well as an IDOR vulnerability that allows the updating of shop baskets for any user. Leveraging these vulnerabilities is possible by taking advantage of an insecure avatar file upload, where a malicious JavaScript file can be uploaded to bypass CSP restrictions. By exploiting this chain of vulnerabilities a CSRF payload is crafted to enumerate hidden endpoints and discover an LFI to leak database credentials for the underlying ExpressJS web application. Lateral movement is achieved by exploiting an LFI and a symlink vulnerability with an eBook conversion utility. Finally, sudo access to a script susceptible to SQL Injection leads to privileged arbitrary file read/write through a PostScript template, leading to a shell as root.

Machine Matrix

Ready to start your
hacking journey?