We are going to solve Spectra, a 20-point machine on HackTheBox that involves admin access to a WordPress site, allowing us to upload a malicious plugin via Metasploit and get a shell. For root, we replace a file that is executed if we run sudo initctl.
Join the discord: https://discord.gg/qdbJqXKPQ3 !
[ Timestamps ]
[ Notes & Links ]
[ Desktop ]
[ About ]
This is purely educational content – all practical work is done in environments that allow and encourage offensive security training.