HTB: Busqueda - OSCP Prep Write-up
Version numbers in page footers exist for a reason. Searchor 2.4.0 handed over the foothold; a kernel exploit closed it out. Machine info Name Busqueda Platform HackTheBox OS Linux Difficulty Easy TL;DR Nmap reveals a web app on port 80 - the page footer discloses “Powered by Flask and Searchor 2.4.0” Searchor 2.4.0 is vulnerable to arbitrary command injection; a public exploit delivers a reverse shell as svc Privilege escalation via DirtyFrag (universal Linux LPE): compile and run the PoC to get root Recon Add host to /etc/hosts ...