Unrested is all about a Zabbix server and a critical vulnerability that was made public in December 2024. It’s a SQL injection vulnerability, and I’ll deep dive into the source to see how it works, and how to exploit it. Most solutions to this box show blind SQL injection, I’ll show how to use the source code to figure out how to get data back from the DB. For root, I’ll abuse sudo nmap with a custom wrapper that breaks the published GTFObins. In Beyond Root, I’ll look at another vulnerability that came out at the same time, and show what the super admin role looks like in the GUI by escalating my user to that role.

0xdf hacks stuff

The post explores the exploitation of a critical SQL injection vulnerability in a Zabbix server made public in December 2024. It details how to use the source code to extract data from the database, gain root access by exploiting sudo nmap with a custom wrapper, and achieve remote code execution (RCE). It also discusses additional vulnerabilities, including CVE-2024-36467 and CVE-2024-42327. Practical steps for enumeration, code execution, and privilege escalation are provided.

HTB: Unrested