HTB: Knife Walkthrugh
Plattform: Hack the BoxLink: https://www.hackthebox.com/machines/knifeDifficulty: Easy 🟠 Enumeration As usual start with nmap.. Port 80 is open, the website which is hosted is just a static page nothing special to find there. So lets see whats running under the hood. PHP 8.1.0 DEV looks interesting, lets see if there is a vulnerability. https://github.com/flast101/php-8.1.0-dev-backdoor-rce/blob/main/README.md An exploit for …