HackTheBox CodePartTwo walkthrough exploiting js2py RCE (CVE-2024-28397) to gain a shell, extract credentials, and escalate to root.

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

A detailed penetration testing walkthrough of the HackTheBox CodePartTwo machine. The exploitation chain begins with discovering a vulnerable js2py 0.74 dependency (CVE-2024-28397) in a Flask web application, leading to remote code execution through a sandbox escape. After gaining initial access, credentials are extracted from an SQLite database and cracked to pivot to the marco user account. Privilege escalation to root is achieved by exploiting misconfigured sudo permissions on the npbackup-cli binary, allowing arbitrary file reads including the root flag.

CodePartTwo HTB Walkthrough

Get Death Esther ’s stories in your inbox

Initial post‑exploitation: user discovery