Just finished HTB Craft and published a beginner-friendly walkthrough as part of my WhyWriteUps series — where I explain not just the commands but why each step works.
The box covers a solid range of techniques: finding credentials in a public Gogs repository, exploiting a Python eval() injection in a Flask REST API to get code execution, enumerating a MySQL database running in a separate Docker container, and finally abusing a misconfigured HashiCorp Vault SSH OTP setup to escalate to root.
I'm doing this as part of the CPTS Preparation Track on HTB Academy, so I've included notes on which techniques map to Academy modules and where this box goes beyond the curriculum — Vault SSH OTP in particular isn't covered but the enumeration mindset that leads you there definitely is.
Writeup is available on both Medium and GitHub Pages. Feedback welcome, especially from other CPTS preppers!
from hacking: security in practice https://ift.tt/VN0LOcJ