Platform: Hack The Box
Season: 9
Difficulty: Easy
OS: Linux
Date: 2025-10-28
Author: x4cc3
CodePartTwo is an Easy Linux machine discovered via a web application that downloads an Android APK. Reverse engineering the APK reveals hardcoded Firebase credentials leading to Firestore database access. Initial exploitation involves an SSRF vulnerability in the web app that allows hitting internal services. From there, credential harvesting from internal databases leads to SSH access as marco, and privilege escalation exploits a misconfigured NPBackup tool with post_exec_commands for root command execution.
Network enumeration with RustScan.
RustScan results
Landing page
Download app button