HackTheBox: Craft
A Linux box: a public Gogs repo leaks Dinesh's credentials and an eval() injection in the craft-api beer endpoint gives RCE inside a Docker container, the database yields Gilfoyle's login, a private repo holds his SSH key, and a HashiCorp Vault SSH OTP backend issues a root login.
Read 