Late
Late
Late 463
Late
RETIRED MACHINE

Late

Late - Linux Linux
Late - Easy Easy

3.1

MACHINE RATING

7248

USER OWNS

6715

SYSTEM OWNS

23/04/2022

RELEASED
Created by kavigihan

Machine Synopsis

Late is an Easy Linux machine that features a Server Side Template Injection (SSTI) vulnerability in a text reading application, which leads to Remote Code Execution as user `svc_acc`. Enumeration for files owned by this user reveals a script that is executed whenever an SSH connection to the system is initiated or dropped. This script runs as the `root` user, however, enumeration of the file attributes show that it cannot be directly edited, but data can be appended. A reverse shell can be added at the end of this script in order to gain a shell as `root`.

Machine Matrix

Ready to start your
hacking journey?