Member-only story
🚀 From Login Form to Root Access: Chaining SQLi & SSTI for Total Compromise
**Not a Member?? Click Here to Read Full-Story!**
Target: GoodGames (Hack The Box) OS: Linux Difficulty: Easy Classification: Web Exploitation & Container Breakout Author: R00t3dbyFa17h
⚠️ Disclaimer: This article is for educational and security auditing purposes only. All demonstrations were performed on the “GoodGames” machine within the Hack The Box lab environment. Never attempt to access or modify systems without explicit written permission from the owner.
Executive Summary
This assessment targeted “GoodGames,” a Linux-based server hosting a gaming review platform. The initial foothold was achieved by identifying a critical SQL Injection (SQLi) vulnerability within the application’s login mechanism, allowing for authentication bypass. Further analysis of the authenticated user dashboard revealed a Server-Side Template Injection (SSTI) vulnerability in the user profile settings, which was exploited to execute arbitrary code and gain a shell inside a Docker container.
Root privilege escalation was accomplished by enumerating the container environment and discovering that the host’s root filesystem was mounted within the container. This misconfiguration allowed for a…
