git

MACHINE Linux

HackTheBox: Craft

A Linux box: a public Gogs repo leaks Dinesh's credentials and an eval() injection in the craft-api beer endpoint gives RCE inside a Docker container, the database yields Gilfoyle's login, a private repo holds his SSH key, and a HashiCorp Vault SSH OTP backend issues a root login.

MACHINE Linux

HackTheBox: Editorial

An Easy Linux box where one SSRF cascades to root: a Cover URL field fetches internal services, an SSRF port scan finds an internal API on 5000 leaking dev's SSH credentials, git history exposes the prod password, and a sudo GitPython script (CVE-2022-24439) runs an ext:: URL through sh for a root shell.