Download
Download 555
RETIRED MACHINE

Linux
Hard

Machine rating: 3.6
User owns: 1024
System owns: 893
Released: 05/08/2023
Created by JoshSH

Machine Synopsis

Download is a hard difficulty Linux machine that highlights the exploitation of Object-Relational Mapping (ORM) injection. The initial step is to identify a Local File Inclusion (LFI) vulnerability in the web application. Through this vulnerability, we gain access to the source code and obtain the cookie secret, enabling us to create and sign our own cookies. Additionally, the source code exposes an ORM injection vulnerability, which allows us to extract the hashed password of a user. By cracking the hash, we obtain SSH access to the box. To escalate privileges, we exploit a bug in TIOCSTI to push arbitrary commands character-by-character into the STDIN stream of a higher-privileged terminal, ultimately achieving `root` access.
