HTB - SmartHire Write-Up

Summary SmartHire is a medium-difficulty Linux machine from HackTheBox. It hosts an AI hiring platform built with Flask on nginx, using MLflow for model management. Initial access is gained via CVE-2024-37054, a pickle deserialization vulnerability in MLflow that allows remote code execution by overwriting a model artifact with a malicious payload. Privilege escalation exploits a writable plugin directory combined with a sudo rule — a crafted .pth file executed by site.addsitedir() runs as root. ...

30-05-2026 · 4 min · phucrio

HTB - IClean Write-Up

Summary This write-up documents a full exploitation path for the HTB machine IClean. Primary findings: information disclosure and web vulnerabilities led to user access via an SSTI/XSS chain; credentials from application code allowed database access; qpdf misconfiguration enabled root privilege escalation. Goal: demonstrate methodology and reasoning (recon → enumeration → exploitation → privilege escalation → remediation). Target Host: 10.10.11.12 (lab address) Domain mapped locally: capiclean.htb Reconnaissance Start with a standard service/version scan: ...

17-09-2024 · 3 min · phucrio