Machine Synopsis
`Interpreter` is a medium-difficulty Linux machine running Mirth Connect, an open-source healthcare integration engine developed by NextGen Healthcare. Enumerating the web interface reveals that the deployed version, `4.4.0`, is vulnerable to CVE-2023-43208. This is a pre-authentication insecure deserialization flaw that grants remote code execution and an initial foothold as the `mirth` service account. From there, database credentials stored in the Mirth configuration provide access to the local MariaDB instance, where a `PBKDF2-HMAC-SHA256` password hash belonging to the user `sedric` is recovered and cracked offline to obtain SSH access. For privilege escalation, a root-owned Flask notification service listening on localhost builds a template string and evaluates it with `eval()`. A permissive character whitelist still allows curly braces, enabling Python f-string injection which, combined with Base64 encoding to bypass the space restriction, drops a SUID `bash` binary and yields a root shell.
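The `eval()` flaw in the notification service, reconstructed as an added example (this is not the machine's actual code; the function names, message text and both allow-lists are assumptions). The permissive filter lets `{...}` reach `eval()` as f-string source, while the hardened version rejects braces and treats input purely as data.

```python
import re
import string

# Constructed allow-list modelled on the synopsis: no spaces permitted,
# but curly braces are still accepted.
PERMISSIVE = re.compile(r"[A-Za-z0-9_.+(){}-]*")

# Hardened allow-list: only the characters a name needs, with a length bound.
STRICT = re.compile(r"[A-Za-z0-9_.-]{1,64}")


def render_unsafe(name: str) -> str:
    """Vulnerable pattern: user input becomes part of f-string source code."""
    if not PERMISSIVE.fullmatch(name):
        raise ValueError("rejected")
    source = 'f"Notification for ' + name + '"'
    # Anything inside {...} is compiled and executed as a Python expression.
    return eval(source)


def format_message(name: str) -> str:
    """Data-only rendering: the value is substituted, never parsed as code."""
    return string.Template("Notification for $name").substitute(name=name)


def render_safe(name: str) -> str:
    """Hardened form: strict validation first, then data-only rendering."""
    if not STRICT.fullmatch(name):
        raise ValueError("rejected")
    return format_message(name)


if __name__ == "__main__":
    # Benign arithmetic shows that the braces are evaluated, not printed.
    print(render_unsafe("{40+2}"))      # evaluated by eval()
    print(format_message("{40+2}"))     # braces stay literal text
    try:
        render_safe("{40+2}")
    except ValueError as exc:
        print("strict filter:", exc)
```

Removing `eval()` is the actual fix; the stricter allow-list is defence in depth, since any filter that feeds `eval()` only has to miss one character class.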
Machine Matrix