# [Writeups](./Writeups/writup.html)
# [Coding](./Coding/coding.html)
<div class="language-js highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c1">// Javascript code with syntax highlighting.</span>
<span class="kd">var</span> <span class="nx">fun</span> <span class="o">=</span> <span class="kd">function</span> <span class="nx">lang</span><span class="p">(</span><span class="nx">l</span><span class="p">)</span> <span class="p">{</span>
<span class="nx">dateformat</span><span class="p">.</span><span class="nx">i18n</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./lang/</span><span class="dl">"</span> <span class="o">+</span> <span class="nx">l</span><span class="p">);</span>
<span class="k">return</span> <span class="kc">true</span><span class="p">;</span>
<span class="p">};</span>
<div class="language-ruby highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="c1"># Ruby code with syntax highlighting</span>
<span class="no">GitHubPages</span><span class="o">::</span><span class="no">Dependencies</span><span class="p">.</span><span class="nf">gems</span><span class="p">.</span><span class="nf">each</span> <span class="k">do</span> <span class="o">|</span><span class="n">gem</span><span class="p">,</span> <span class="n">version</span><span class="o">|</span>
<span class="n">s</span><span class="p">.</span><span class="nf">add_dependency</span><span class="p">(</span><span class="n">gem</span><span class="p">,</span> <span class="s2">"= </span><span class="si">#{</span><span class="n">version</span><span class="si">}</span><span class="s2">"</span><span class="p">)</span>
<span class="k">end</span>
<div class="language-python highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="k">def</span> <span class="nf">fun</span><span class="p">():</span>
<span class="k">print</span><span class="p">(</span><span class="s">"Hello world!"</span><span class="p">)</span>
<span class="k">return</span>

Ready is a medium difficulty Linux machine. A vulnerable version of GitLab server leads to a remotecommand execution, by exploiting a combination of SSRF and CRLF vulnerabilities. Bad permission on abacked up configuration file of the Gitlab server, reveals a password that is found to be reusable for theuser root, inside a docker container. After root access is acquired, escaping the container is possible sinceit is running in privileged mode.

# Skills learned
<li>SSRF &amp; CRLF Attacks</li>
<li>Docker Escape</li>
[back](../writup)

# [Python]()

## Welcome to another page
[back](./)

GitHub Pages for writeups, programming, Walkthroughts

# [Ready](./Ready/Ready.html)
Ready is a medium difficulty Linux machine. A vulnerable version of GitLab server leads to a remotecommand execution, by exploiting a combination of SSRF and CRLF vulnerabilities.

layout: pages
description: Programming
# [Python]()

layout: post
author: Aju ALex
pdf_url: ready.pdf
title: Ready
date: 2021-05-15
publish: True
description: "Ready is a medium difficulty Linux machine. A vulnerable version of GitLab server leads to a remotecommand execution, by exploiting a combination of SSRF and CRLF vulnerabilities. Bad permission on abacked up configuration file of the Gitlab server, reveals a password that is found to be reusable for theuser root, inside a docker container. After root access is acquired, escaping the container is possible sinceit is running in privileged mode."
# Skills learned
- SSRF & CRLF Attacks
- Docker Escape

layout: pages
description: Hackthebox
# [Ready](./Ready/Ready.html)
Ready is a medium difficulty Linux machine. A vulnerable version of GitLab server leads to a remotecommand execution, by exploiting a combination of SSRF and CRLF vulnerabilities.

title: Hacker theme
description: Hacker is a theme for GitHub Pages.
show_downloads: true
title: Hacker blog
description: GitHub Pages for writeups, programming, Walkthroughts
show_downloads: false
theme: jekyll-theme-hacker

<a href="{{ site.github.zip_url }}" class="btn">Download as .zip</a>
<a href="{{ site.github.tar_url }}" class="btn">Download as .tar.gz</a>
{% endif %}
<a href="{{ site.github.repository_url }}" class="btn btn-github"><span class="icon"></span>View on GitHub</a>
{% if page.pdf_url %}
{% if page.publish %}
<a href="{{ page.pdf_url }}" class="btn btn-github"><span class="icon"></span>View as Pdf</a>
{% endif %}
{% endif %}

<!DOCTYPE html>
<html lang="{{ site.lang | default: "en-US" }}">
<meta charset='utf-8'>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="{{ '/assets/css/style.css?v=' | append: site.github.build_revision | relative_url }}">
{% seo %}
<div class="container">
<a id="a-title" href="{{ '/' | relative_url }}">
<h1>{{ site.title | default: site.github.repository_name }}</h1>
<h2>{{ page.description }}</h2>
<section id="downloads">
{% if site.show_downloads %}
<a href="{{ site.github.zip_url }}" class="btn">Download as .zip</a>
<a href="{{ site.github.tar_url }}" class="btn">Download as .tar.gz</a>
{% endif %}
<a href="{{ '/' | relative_url }}" class="btn btn-github"><span class="icon"></span>View Home</a>
<div class="container">
<section id="main_content">
{{ content }}
{% if site.google_analytics %}
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
ga('create', '{{ site.google_analytics }}', 'auto');
ga('send', 'pageview');
{% endif %}

layout: default
{% if page.publish %}
<small>{{ | date: "%-d %B %Y" }}</small>
<h1>{{ page.title }}</h1>
<p class="view">by {{ | default: }}</p>
{% if page.tags %}
<small>tags: <em>{{ page.tags | join: "</em> - <em>" }}</em></small>
{% endif %}
{{content}} {% if page.tags %}
<small>tags: <em>{{ page.tags | join: "</em> - <em>" }}</em></small>
{% endif %} {% endif %}

layout: default
<h1>{{ page.writeups }}</h1>
{% for wp in page.writeups %}
{% endfor %}
<p class="view">by {{ | default: }}</p>
{{content}} {% if page.tags %}
<small>tags: <em>{{ page.tags | join: "</em> - <em>" }}</em></small>
{% endif %}

layout: default
# [Writeups](./Writeups/writup.html)
# [Coding](./Coding/coding.html)
// Javascript code with syntax highlighting.
var fun = function lang(l) {
dateformat.i18n = require('./lang/' + l)
dateformat.i18n = require("./lang/" + l);
return true;
@ -37,87 +21,8 @@ GitHubPages::Dependencies.gems.each do |gem, version|
def fun():
print("Hello world!")