Keeper is an easy machine on the HackTheBox website. To gain initial access, we need to exploit a vulnerability on the Request Tracker web service. Once we find an SSH user credential, we can access…

SystemWeakness's platform is  dedicated to cybersecurity education and awareness, offering insights into common security vulnerabilities, attack techniques, and risk mitigation strategies. Through articles, tutorials, and security advisories, SystemWeakness offers insights into securing software applications, networks, and systems from cyber threats. Readers can learn about secure coding practices, penetration testing methodologies, and incident response procedures to strengthen their cybersecurity posture and protect against cyber attacks.

System Weakness

The post discusses the process of gaining initial access to the Keeper machine on HackTheBox, exploiting a vulnerability in the Request Tracker web service. It covers the enumeration, initial access, and privilege escalation steps. The post emphasizes the importance of misconfiguration, default credentials, and information disclosure.

Keeper Write-up