In this write-up, we will solve the Blackout Ops challenge from HackTheBox. The goal is to analyze the web application, identify its weaknesses, and use them to gain command execution in order to retrieve the flag. Along the way, we will break down each step of the exploitation process to clearly demonstrate how the vulnerability can be discovered and leveraged.
Now let’s navigate to the website.

As we can see, there is a login page and a register page.
Now let’s try to register an account.

Notice that the application requires a registration code to register an account.
So let’s review the code.

As we can see, the database.js file contains a hardcoded access code for the administrator: ADMININV123
Now let’s try to register an account.
email: [email protected]
access_code: ADMININV123

Now let’s try to login with our account.

As we can see, we managed to bypass the registration gate and log in to the application.
Now let’s navigate to the evidence tab.

As we can see, it’s a simple file upload function.