Expressway HackTheBox walkthough Introduction Expressway is a HackTheBox machine focused on IPSec/IKE reconnaissance and PSK cracking, SSH pivoting, and a hostname‑based sudo bypass ideal for …

InfoSecWriteUps' platform is  dedicated to providing insights and resources for cybersecurity professionals and enthusiasts. Through articles, tutorials, and security research, InfoSecWriteUps offers insights into cybersecurity vulnerabilities, attack techniques, and defense strategies. Readers can learn about penetration testing, threat intelligence, and incident response to enhance their cybersecurity knowledge and skills.

InfoSec Write-ups

A detailed walkthrough of the HackTheBox Expressway machine demonstrates IPSec/IKE reconnaissance, PSK cracking using aggressive mode, SSH access with cracked credentials, and privilege escalation through a hostname-based sudo bypass vulnerability. The guide covers UDP enumeration revealing IKE services, extracting and cracking pre-shared keys with ike-scan and psk-crack, discovering internal hostnames through Squid proxy logs, and exploiting a custom sudo binary (version 1.9.17) by specifying an alternate hostname to gain root access.

Expressway HackTheBox walkthough. HTB Expressway walkthrough — IKE PSK…