Open in app

Sign in

Write

Sign in

Hotel HackMyVm Walkthrough

introduction

Musyoka Ian
Jan 16, 2023

Hello guys and welcome back for another walkthrough this time we are going to be tackling a machine from HackMyVm called Hotel a CTF like machine where we gain an initial foothold by exploit a remote code execution vulnerability (RCE) in a web application software called HotelDruid then after getting a shell on the box we find a ttylog file and using ttyplay we are able to read the file and get credential of the user person login into the system via SSH as the person user then exploit a misconfiguration on wkhtmltopdf to get root on the box it’s a really nice challenge and we are going to be doing a little bit of port forwarding using ngrok without much say let jump in

I recorded a Youtube video of the challenge and below is the URL you can use to access

Remote Code Execution
Hackmyvm
Hotel
Walkthrough
Privilege Escalation

--

--

Musyoka Ian

Written by Musyoka Ian

706 Followers

Penetration Tester/Analytical Chemist who Loves Cybersecurity. GitHub(https://github.com/musyoka101), ExploitDB(https://www.exploit-db.com/?author=10517)

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams