🧊Arctic

https://app.hackthebox.com/machines/9

After a Nmap →

In a subfile i found an admin login panel:

after looking for some exploits i found something interesting:

After looking at the payload, you can modify these:

run the exploit with a

python 50057.py

You can start a listener or let the payload generate one for you, and see:

after some quick enumeration we found some interesting stuff:

as well as

unicorn - https://github.com/trustedsec/unicorn.git