Love
Love
Love 344
Love
RETIRED MACHINE

Love

Love - Windows Windows
Love - Easy Easy

4.5

MACHINE RATING

13042

USER OWNS

11739

SYSTEM OWNS

01/05/2021

RELEASED
Created by pwnmeow

Machine Synopsis

Love is an easy windows machine where it features a voting system application that suffers from an authenticated remote code execution vulnerability. Our port scan reveals a service running on port 5000 where browsing the page we discover that we are not allowed to access the resource. Furthermore a file scanner application is running on the same server which is though effected by a SSRF vulnerability where it's exploitation gives access to an internal password manager. We can then gather credentials for the voting system and by executing the remote code execution attack as phoebe user we get the initial foothold on system. Basic windows enumeration reveals that the machine suffers from an elevated misconfiguration. Bypassing the applocker restriction we manage to install a malicious msi file that finally results in a reverse shell as the system account.

Machine Matrix

Ready to start your
hacking journey?