Investigation
Investigation
Investigation 525
Investigation
RETIRED MACHINE

Investigation

Investigation - Linux Linux
Investigation - Medium Medium

4.5

MACHINE RATING

4172

USER OWNS

3876

SYSTEM OWNS

21/01/2023

RELEASED
Created by Derezzed

Machine Synopsis

Investigation is a Linux box rated as medium difficulty, which features a web application that provides a service for digital forensic analysis of image files. The server utilizes the ExifTool utility to analyze the image, however, the version being used has a command injection vulnerability that can be exploited to gain an initial foothold on the box as the user `www-data`. By analyzing logs found in a Windows Event logs file, it is possible to escalate privileges to the user `smorton`. To achieve the final goal of gaining root access, the user must reverse engineer a binary that can be run by the user `smorton` with sudo access and then exploit it to elevate privileges to root.

Machine Matrix

Ready to start your
hacking journey?