Decrypt LOL

HTB Strutted Walkthrough: Exploiting Apache Struts 2 CVE for Root Access

🔑 Successful Exploitation of Apache Struts 2 CVE Leads to Root Access on HackTheBox Machine. In a detailed walkthrough, the author demonstrates how to exploit a vulnerability in Apache Struts 2 (CVE-2024-53677) to gain initial access to a medium-difficulty Linux machine on HackTheBox. The process begins with reconnaissance, including Nmap scans and directory fuzzing, followed by a file upload exploit that circumvents file type restrictions. After obtaining user-level access, the author leverages misconfigured sudo permissions for tcpdump to escalate privileges and achieve root access. The write-up is a step-by-step guide with command examples and techniques for executing commands as root.
