HTB Writeup – Interpreter
Posted on 2026-02-22
Mirth CVE-2023-43208 RCE to root via Python f-string injection
Capture the flags!
Mirth CVE-2023-43208 RCE to root via Python f-string injection
WingFTP RCE (CVE-2025-47812), Python tarfile overflow (CVE-2025-4517)
Php lfi2rce (CVE-2025-49132), udisks fs privesc (CVE-2025-601[8|9])
Wifi pivot game: capture deauthed hankshakes & Eaphammer theft
Chrome extension JavaScript injection & Python .pyc poisoning
There is no excerpt because this is a protected post.
CVE-2025-24367 (Cacti Auth RCE), CVE-2025-9074 (Docker Desktop Escape)
SQL injection abusing PDO substitution in PHP Prepared Statement