Hello, everyone! Welcome back to my infosec journey. Today, I’ll be discussing Pilgrimage, an “easy” machine on the hackthebox.com website. To pwn this box, one can dump an exposed git repository and…

SystemWeakness's platform is  dedicated to cybersecurity education and awareness, offering insights into common security vulnerabilities, attack techniques, and risk mitigation strategies. Through articles, tutorials, and security advisories, SystemWeakness offers insights into securing software applications, networks, and systems from cyber threats. Readers can learn about secure coding practices, penetration testing methodologies, and incident response procedures to strengthen their cybersecurity posture and protect against cyber attacks.

System Weakness

The article discusses the process of hacking the Pilgrimage machine on hackthebox.com using an exposed git repository, a vulnerability in the ImageMagick program (CVE-2022–44268), and a vulnerability in Binwalk (CVE-2022–4510). It provides step-by-step details on exploiting these vulnerabilities to gain access to user and root directories.

Pilgrimage HTB write up