OneTwoSeven
OneTwoSeven
OneTwoSeven 185
OneTwoSeven
RETIRED MACHINE

OneTwoSeven

OneTwoSeven - Linux Linux
OneTwoSeven - Hard Hard

5

MACHINE RATING

2251

USER OWNS

1354

SYSTEM OWNS

20/04/2019

RELEASED
Created by jkr

Machine Synopsis

OneTwoSeven is a hard difficulty Linux box which provides users with SFTP access. The SFTP shell allows for creating symlinks, which can be abused to gain access to the administrative panel. The admin panel has a restricted upload imposed by Apache rewrite rules. These can be bypassed to upload a php shell. The www user has permissions to upgrade local packages, but due to a misconfiguration, a proxy server can be used to install a malicious package to execute code as root.

Machine Matrix

Ready to start your
hacking journey?