· Manuel López Pérez · writeups
WriteUp – Curling (HackTheBox)
Curling write-up (HackTheBox): easy Linux machine that exploits Joomla with credentials leaked in comments, uploads webshell via template, obtains floris credentials via password_backup, and escalates to root with DirtySock (CVE-2019-7304).