Snoopy
RETIRED MACHINE

OS: Linux
Difficulty: Hard

Machine rating: 4.8
User owns: 1402
System owns: 1331
Released: 06/05/2023
Created by ctrlzero

Machine Synopsis

Snoopy is a Hard Difficulty Linux machine that involves the exploitation of an LFI vulnerability to extract the configuration secret of `Bind9`. The obtained secret allows the redirection of the `mail` subdomain to the attacker's IP address, facilitating the interception of password reset requests within the `Mattermost` chat client. Within that service, a custom plugin designed for web admins to log into remote servers is manipulated to direct them to a server set up as an `SSH honeypot`, leading to the interception of `cbrown`'s credentials. Exploiting the privileges of `cbrown`, the attacker utilizes the ability to execute `git apply` as `sbrown`, resulting in a unique symlinking attack for privilege escalation. The final stage involves the abuse of `CVE-2023-20052` to include the `root` user's `SSH` key into a file via `XXE`, with the payload scanned by `clamscan` to trigger the `XXE` output in the debug response.
