Rated Medium from HackTheBox, created by mostwanted002. We learn about bad practices in storing static java web tokens in cookies and breaking out of docker via runC based on CVE-2019-5736.
Rated Medium by HackTheBox, created by felamos. Through this machine, we learn about a YAML deserialization vulnerability, the horror of password re-use and bad programming practices by using relative paths for critical files.