HackTheBox - Puppy Writeup
HackTheBox - Puppy Writeup
HackTheBox - Puppy Writeup
Overview
Puppy is an easy-rated Linux machine on HackTheBox that focuses on web application security and privilege escalation. This machine provides an excellent opportunity to practice SQL injection and file upload vulnerabilities.
Initial Reconnaissance
Starting with a standard Nmap scan, we discovered several open ports:
- Port 22 (SSH)
- Port 80 (HTTP)
The web application running on port 80 appeared to be a simple photo gallery application.
Exploitation
Web Application Analysis
The web application had a login page that was vulnerable to SQL injection. Using
This post is licensed under
CC BY 4.0
by the author.
💡 Like what you’re reading?
If this write-up added value to your learning or workflow, feel free to support continued content like this.
☕ Support via PayPal