HackTheBox: Pollution
A Hard Linux box: a leaked Burp history file in a MyBB forum exposes an admin token, an XXE in the admin panel reads files to crack an .htpasswd hash, a Redis session write bypasses the developers login, a PHP filter-chain LFI gives a www-data shell, a FastCGI attack on php-fpm pivots to victor, and lodash prototype pollution in a root Node.js API escalates to root.