2025-07-27

Outbound

12^th Jul 2025

Difficulty: Easy

Machine Author(s): TheCyberGeek

Successfully Pwned Outbound

nquangit has successfully completed and pwned this machine on Hack The Box.

Machine Information

As is common in real life pentests, you will start the Outbound box with credentials for the following account tyler / LhKL1o9Nm3X2

Enumeration

nmap Scan

Nmap Scan result

# Nmap 7.95 scan initiated Wed Jul 23 13:39:53 2025 as: /usr/lib/nmap/nmap --privileged -F -vv -sV -sC -Pn -oN nmap-scan.txt 10.10.11.77
Nmap scan report for 10.10.11.77
Host is up, received user-set (0.061s latency).
Scanned at 2025-07-23 13:39:54 +07 for 15s
Not shown: 98 closed tcp ports (reset)
PORT   STATE SERVICE REASON         VERSION
22/tcp open  ssh     syn-ack ttl 62 OpenSSH 9.6p1 Ubuntu 3ubuntu13.12 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|   256 0c:4b:d2:76:ab:10:06:92:05:dc:f7:55:94:7f:18:df (ECDSA)
| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBN9Ju3bTZsFozwXY1B2KIlEY4BA+RcNM57w4C5EjOw1QegUUyCJoO4TVOKfzy/9kd3WrPEj/FYKT2agja9/PM44=
|   256 2d:6d:4a:4c:ee:2e:11:b6:c8:90:e6:83:e9:df:38:b0 (ED25519)
|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH9qI0OvMyp03dAGXR0UPdxw7hjSwMR773Yb9Sne+7vD
80/tcp open  http    syn-ack ttl 62 nginx 1.24.0 (Ubuntu)
| http-methods:
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-title: Did not follow redirect to http://mail.outbound.htb/
|_http-server-header: nginx/1.24.0 (Ubuntu)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Read data files from: /usr/share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Jul 23 13:40:09 2025 -- 1 IP address (1 host up) scanned in 15.39 seconds

With the Nmap scan, we can see that the target machine has two open ports:

22 (SSH) - OpenSSH version 9.6p1
80 (HTTP) - Nginx version 1.24.0

We can also see that the web server redirects to http://mail.outbound.htb/. Then we need to add this domain to our /etc/hosts file:

echo "ip_address mail.outbound.htb" | sudo tee -a /etc/hosts

Nuclei Scan

[CVE-2025-49113:version_check] [http] [critical] http://mail.outbound.htb ["Roundcube Version: 1.6.10"]
[roundcube-log-disclosure] [http] [medium] http://mail.outbound.htb/roundcube/logs/errors.log ["3971"] [roundcube_path="roundcube/logs/errors.log"]
[cookies-without-secure] [javascript] [info] mail.outbound.htb ["roundcube_sessid"]
[waf-detect:nginxgeneric] [http] [info] http://mail.outbound.htb
[ssh-password-auth] [javascript] [info] mail.outbound.htb:22
[ssh-server-enumeration] [javascript] [info] mail.outbound.htb:22 ["SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.12"]
[ssh-sha1-hmac-algo] [javascript] [info] mail.outbound.htb:22
[ssh-auth-methods] [javascript] [info] mail.outbound.htb:22 ["["publickey","password"]"]
[openssh-detect] [tcp] [info] mail.outbound.htb:22 ["SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.12"]
[form-detection] [http] [info] http://mail.outbound.htb
[nginx-version] [http] [info] http://mail.outbound.htb ["nginx/1.24.0"]
[roundcube-webmail-portal] [http] [info] http://mail.outbound.htb
[http-missing-security-headers:strict-transport-security] [http] [info] http://mail.outbound.htb
[http-missing-security-headers:content-security-policy] [http] [info] http://mail.outbound.htb
[http-missing-security-headers:permissions-policy] [http] [info] http://mail.outbound.htb
[http-missing-security-headers:x-content-type-options] [http] [info] http://mail.outbound.htb
[http-missing-security-headers:x-permitted-cross-domain-policies] [http] [info] http://mail.outbound.htb
[http-missing-security-headers:referrer-policy] [http] [info] http://mail.outbound.htb
[http-missing-security-headers:clear-site-data] [http] [info] http://mail.outbound.htb
[http-missing-security-headers:cross-origin-embedder-policy] [http] [info] http://mail.outbound.htb
[http-missing-security-headers:cross-origin-opener-policy] [http] [info] http://mail.outbound.htb
[http-missing-security-headers:cross-origin-resource-policy] [http] [info] http://mail.outbound.htb
[tech-detect:bootstrap] [http] [info] http://mail.outbound.htb
[tech-detect:nginx] [http] [info] http://mail.outbound.htb
[caa-fingerprint] [dns] [info] mail.outbound.htb

In the Nuclei scan results, we can see that the target machine is running Roundcube version 1.6.10, which is vulnerable to CVE-2025-49113. This vulnerability allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.

It’s also worth noting that the Nuclei scan found a log file at roundcube/logs/errors.log, which may contain sensitive information.

Manual Inspection

Roundcube Version

With the provided credentials tyler / LhKL1o9Nm3X2, we can log in to the Roundcube webmail interface at http://mail.outbound.htb/roundcube/. After logging in, we can confirm that the version is indeed 1.6.10 and that it is vulnerable to CVE-2025-49113.

Exploitation

Part of this article is encrypted with password:

HT8QSK7+3hlK82qBcV5JF+yxoIxn5XPa4gj0RkCyd4Xa/0pSJp0elur95YhzW6FYlUnAT9dE2jC2EYmJ2dZvatCXMV0eohwbJ8yaz4gldn95EkrRx2gGJx+cfiAwXl2IwkS0gdAko9NJTcDw0DODOVODNZLXeH5fDo6w1bs6U5vJc/HN7V0k1HrGiYK6RAcY7c4tnypUf4B0X5n5N3Dj7whB+qkAjFDHYbOj0ihW8R4njlx3Wz7/zDQ0Qz7TNJ5EoSNLQfnXP0KmHeUIIfXcaeoWAKSrFBLDf3GLk9dpA5TZM2iVVemNo5WHlXdd60Urhr/n6dRq7MTsX/XeyvFu9yW6FBZUBBMgWNMcW9uIz7XTrsCXGjbHJ0kTppN4qSjwDFYu5ViIZmT8dDYNwtBqZFLi+mIspSS+yAXBQk9+TaYh5BPAl2Q9W1y7WhMqziwxLPSUwICsvBZbscovWOnhF1eQBkr04KUlrS7fwIBhnPrB2EeCzv0E8Zgf31nMzXZcJ5hLNIgiCIUj0SxnmD0LikCoq78Maw1tVhSeGvHKQGeX5dYBA8EEXtSk5pUzJLFf+qT6ssJjlzQCarQIOFBCoZG1CGy5Y/H5RPEr43ZBnEDrlAFuWbUqPWM/6gdq8hp4pTX+kIpKj5cgGliRZMXZ6umAQjMmahEoNGaq8SLo5qCdd6cUra6fc9aIu6cv/khh668iJsf+4yejPPlrGoDHkMU6bbU/2LMekHmM78HhazY+Ox5LP7LExG/q6VtDfcn4jr5kq10xmnqAwBoW80xHdqATiMSAqfW+f7dQeB04pHv+3lzs0a21qY0lfj/7S09CWXHeV56ih51b65bmUAvy9XQvSzd5RcIiNX2qHyW4CMduOatA+396sfKwBGISx+zhziTjyzOxdmCFZrJcI63z+FJ57wHOlh87xMVTXAA7ETtWzRIlFDvpkZojQcDhlEMZa2M18PlskF0vjPxdEn2EmkVXEBH58mMaSvmnMjGioP0Xa953qzfmTPiO1+SqDrKAPMSzjEQsxtAVCHH75vhzPIBJji0NddrPQgIY8CEZMo75ScuNQ0t1Z5UNW12ApB9WOvBfEWxGTa2Ms8ZBpxLCeDZIWmaTictfumj1FNVJYkSem9ZI0YwOk/Px51qDcyLxlzvF/qY46gD7oSR7Ol5whzgf0ScezxeKUkVOFdyQ/aXLSv0D7SgZnzyhTKmvxHOtEu2DD3Kep/+Ewx8jafWKnf5G+tNkaFqkd1QDOHizSHYcsr+Wq/X6ZWHsDBCHTE02W9tecyJFDR39pgbkgrdOS45Y1Wqr53WSyeuGF16qRenRuCZUuzTNeVVQ0hzBl/2fWn0v2qLvJxPteXKlVwAjYvowqfWjxHC7pKA4nYL6g0CYFBv0r/5b9SBg5jNCTHgiQDonpu5FBIXeu84yHSuNEHa8GJGRvIEnYNelzQAOo0uirZTyHPFhsd+C5BAVUjICXp3boGwyG7PyBxFLeSERTCZyHjHrsFwwGrBrgfavU87K/lepToaq/qgb6csIkiz/8uqWOQco31hO2QyuNvUm4rtKIMX883PCdao/VMCk0csu2UiIQn6Rb/6EU0OcDXlvC+L/XhsyA7c33Nfbbb+CNTbHeLAPmfOPkfTgrl8nvSmC9P5y45uu5Q7iBUAPlVZvBkFuXS8J4fOzxvcfNGNj0zfyIW7sKO6YJOOU2MOkxz0rpD55H5boQt15v8q3I+YVDzB9GXz7FF4uHl1jFX+uzgn+nI3BHEayp4ZHWRtgcObZ7T2DILGJg2SwWcfnlvV8QKUhsNUw3k3I4dI5gL3nVYLS2PgxauSMs2gWixLSAeJUAANyHzwNpQR91dm+5fYYgdZhsZ+gsiLVXWIHfGFFbYy3b4ytZh5BU5QPM7rBooKKbbExB8zKB1QC1vkiPXd/jpiO0cID9h5YRATXB+hz4JOoxj26PKAL31eeRNzNb3G9QUt230u7ANSW9oDwZrZ5ySsExPHIBcZtSCJjmdhem7NxeI6u1zkfH3ULGHYcN2ZQpJB/IhVrPI2rQp5FgDK8FDoa8HWrJRIjNgCl7yfCKExzZ5HcQFxPmdgvvJ5Zme+GzYg03UP53gweqgMvxgunJ8zj4Ra4PhE5XdXNhnm4L5GOQP2yNpZpfn7U3qkVHs/aZzTEebRKfNJx22dS749p0DN91mZ9TaJUcRB9HmKyTorX5hxhbpBu7cjR5dJjm/aarVg6eM43n+dpn29VH9gB+dgwTHUNdCqXrP1VB4z3rWdcxYKl4gOcn2ViHy0FZF6jm7X3AKUbnhoLDKvHdFdnysb/UVZuYO0rcFlr16DjApBaS/OjHooBDJJ8R1pbjVoTPBz/vWKB3K33naRX4EzGM9F4Q+jyL2gfIEA4HzjveRmiSg06A6W1p1Ne8Z4VDZEEohWgyx6FQBRXusZeKGKgsKFFPXahUwaK+VXjm+XshHTEKwF+Qccx78ZKA4MD5gYqQcCVXxWRwkkciRnjkaMNnzg7K77yjtIOMFBRY6pc4z29A+Wo9SiCML9UihCE34FfuFm65qWhEEJ5cRU/tR2q1f3lPw46sea3zdrElxjHI74pR4MvwE536JhMiLDsoAJTH9ZjbBTY3GxMGrRPyGG/H40VhHwBMk10GtqV/JU3BW9s7fXx+M2QZ7QF7av//TVGwffpynHSqJxgfxCqptDzShI6xMcGnZCqcQpExd4rYdq4CgOrMLTaJ9xFrDBGEqkN6iRVnrCepY5Zv5xJVPOl6Dtth5xIitCdFMrXWL9RQC0tLrux/rUqHjKuVNGXUIfLOhwglYSWh8rSY44nabx5uibmeCERN5QuqCYVn4Vs8rGhqJ2nylXWr1VGPfXW+nra7mx/V+0W4BSGqCToBKHLVv03GtZokc+ZH9VbKdD1DONscNiM/z+haTw1OUIhPHrnGFu9yHhnPN1e4Aldjxd36swrsZTlo4c/AqEm5Qfd2ZYOMrmXgzJXuTN50lpJMWHvyO1Tu1x/H6rEJNyOKBBkOBmXpt4Zl921XZSgqQm0Bz/KeXki6+HKqNWEZA/xI1PZLFEZmv05Vj0QbXThoGCST8+F93YJ8TuNHsBk0NkCpA/5VGA097joux6XPrtCMQbGaPBZmvDHMLP0h0RssdBs6q0p7oHh0qpwTtl5a14bLODiQEaW7PFcCkabVFc3RBUfoCUaoclkOdWbR5lBQDVUlBkWC+o/Ze7ahWFgZ/aKc0d46j3WA1+JBf4Z615dbzGRWXc28rp+QKxlTPO+xML6SkSV5r3D2xa1EEB3T2XRYeSnboxtzgMO7PEdbkR7sTsAv2SzPI+XjZI92TVHX4eOkHV00ZZCdTZ3snIEsf5tqVGdW3XNs+rvcpetjiWooVdzDlg0b7vJUanYwp2gpvc2QwTwLK9XMWVB/uziNXQ6C2DoSPIG4PCDb0LpV/bzYdDGPX+mJuEkrZ4z0mMdrzNWCe7Fup4nicrIIm71vrEBq6mKxuVj3WlpW3UdVkeIaZj8nefleZeABkGwqYxdb19eVAM1l6alxROMtuEWzw2uHgCt5JZaWWsF8WrTk7FvRAoB2v8xIlLCIJ+LSgGYRsHQX1qcwBt++fAdkRmjq5ZJW0F8h9llpddOoNuKY5Jt0+456Wao8z2GTHrC1EsFu/uaCoGMaJdCR/FJOtcPnId1S53cVKaAGrrQSZ3A6eUJYt7AkgWWVY5ARkf8P0Mjxkwxv3mvY1/jCDf6c04a1FxTKnygCfughs5q4cxjZXl7O8iIbb22ehEDDptV8xNTpl0uteVLIsBBNBmK9TXjkOljS68iTBpJWb3quCK3bgXn3m5clLVI8uZDcYYlZS0T3hjngRONlJw9paiVndyBb8B+yFm5asxGI5vB03I0ak8BxODZUNEZDCHCfv5A25sY/BXgEL6ugNAOc/dk4AlqFjhJbkNxZ6qkMdAkAxy4yPSNGUQy1BRE1JiCZx0HhJUrXKs1jVpr01TPP077Fz3lq2KA9Gdsi17yKyWStY+HSe7FlIbSxaXGHfP3wdzW7OY3sFRFY2tEkj78GRhuxjnUdyaQbvfsKL2JgMGmVXCvW3xziX+E2T6CrEkZiZv1kpgmNOAl9drSTWydZdZWTPPW+wd3gk/GLfVjZIxbqk0co6eov4un+OyYu/xmLH6rfFbP43RrPiLQva5jUxZzLbwIG3+/3jaqdN+YyrXc7bptvuxiaPShD4lGgyI1fIyrDoLT5i5E9pE+v3Qw5BMQoPWXyzBnjOGEe2WJGWOe/2eK14Wr6NHZ5tKCYvtw36SuI1tBEzbatJQjH68nwGFwz0HjhYSGDk8FQI9idxsZuBlPeVR+6nNeuUsBbmxr3PKLCvgrCk7yTAsoroUiSyAMPYUYohgNHr6VCG36oqHKMNA7OyITyeIO0TlPQGJpgfo5qNalQBmKq1AUNoTY1v0pwDnprLMsNn+5Sy+a/UweWpMuhJW9w0w9pgTMAOeHeEtyLsfA+H65W22keRF+pgTtFhBMLxs0YDqePd0QTW9JX8nPp2C6wzW1ORE9n/OTQK9lLPwnILUmRxIEWzkK2RjQ9RSwL7otC2J4ydyVg7wUtejzoMbKH1VokXaEv/E+Os6vyDkIq2QJIjoO7AlakM7gcbLVuOWL8fJ+CW0vBMlXJjL7ULyRpVuhfEN5Gaf9Ez3lxPVeRVT0axlCUs/6E5jxyK1wdj8leVnNIPay83OmH6AtKiXqu07MihlcXLXFJ9/H8qSifRPhBuJTpSXDZW055pDEUxzQxapmJN1N+C5N0gSOtTnAXhQbV09BPZhqKLExnwvRAY0rAhR+F79PIWk9hrYjbDbOAffMuhEp1pc5KdbUFhEa4Ihi7qB7OepEro+rMBU1wDmPIx+8t80pOkuj1EunT7aX3uhl0+K2363jJaFrPG3f3eWhU/4UnaYQBPsYfmp+r6HYdw2yuaVIpvXPYC1981E0P9Ap/RXFtPltOPboyScrGiJZ+ENrW21xSCKFHvrCJBH2Qx4ZRnk+x7RWvpgVeXlMwd8hFmNY1kcnRavoXnzTQ8/G2v1KYFBIM2eWVJyGHbDNuSGs04HJjodiUk28ZPeU9NMy2bhin0dyki61Fe0r2pwGggTWuz9qV1UosFVJoqvxGZ3ZcEI5ODY589IUxoKh5SR78l5LwWd7W6Y2ovbpqUe16XvBiEWOlKBSXXldMV6Wv6jG9vSET3giijsrZDRwcWwiaYtJNHhMSQ+C9Svy82JyuhIqzl4Rgnfre1V7BJmT1UwNze4qgZ4iqgRp+H3TxV+xbLlfsicyNMF1jvE1Mf+LW/uRPWHYnCzFUbbrOJEgkQdlr6Xsl2oibOZ2c+PKD7y8LiIAeu3LjaxcgZX8z4mhXLq5eCar8cPxdv6e1Wj3YjoE+g8EpdLd+v77LYw6+iCk4yoSR0LS9IR43ANJYOe5jpG8cO4ewnVyngFB6ItbZp72UKjTJJABY5yCnJ84vyJ0P3tuRNqcGfh+D/Z9c5F4+sS+Ojsr1tmThRtC/kLg/dMimEFarbGCy04ZgXZNba70iQaBeGSsG/G9foZ5wWBlyaaolW5BVxRarPciTVrPw2nQqKP41lXQ2ZXxqscQ1dQYob8D/klXeVghsRN5MU4jRj1eQkZIJlAfFVLMz4S8vS9U7UNLvRxEMHwO5XO1poDFSlHxD9gltYkEpW1hASq2rk84Jj5GyWRQXIC040/Hoe3O7uXpXLCV+1OJTDc1i3DNAFRFlbvYRgR+S996wFpsZwM6N6YJqgp1uoYDQ461aqKa8kMVk/YFjY7IM3OdwgnmG9m+UAYOqM9CG4B36jHzou6kf61ObXJIoklpGpH2RIShv0aVP6aHgdT0/4Ar3nF/8uUeAMeFr2LpMTg7y4WlWKwMSuNM+ynilRiaLpmZJEVD4Ao3YWMq+DHJPPeqlDCOIW5+7RjINQ27pT//ggAXjGog2ugnDsz1ZfZlBK21cq9NqeOZSIRRoSI0UOQb5AbBSowE6zlNsoaiizo9j4eYlyGMdm6VhiyUap0gzY+2puIKu7gzHSkz8mqOBXaatONLX2pWumPgHG+lQAqZZjY65BNByy/4RBjdFuja1wF4G3Zk1xy5ngD6IbErP3cottk2IsZzVN2FsQ+Sifz//lEyG/C9Wxu3wSLkZZZ9XH9MF/6STb2ibDUF8HDgV3DNOQyv8pD4ufXE0QGrdwTVhwQ66fgRGd8Dw+iSaRg982J2O+NISpi4ycxKjcPbNKevmkuXrED5uTfbKOwiGr6x4SpE5hFNUYjLs5I6VMvc17r0jUFhXU3O8wkIH+TgX6K6kPHHnEEtjYOYmN4XThxH7JrKSkZ06Q39MPsd30qUlBcF8fO9hc6ASp25AmnCx7HqQh2eh4NAXITYcx2blLvk7u165rD3oHySR6zDVbvl1mDNhwDqolYGkZ4ouj7PWKGBp0txaNtm7lOwKRTRx//FQqfCyS5xzFDK4pr6yItGfY4gK58y0RrTMMkU8WYnTjAzZOzyH5NiVdfElKg7RYjQ7KcGM+9XRZJkHBWj+8v2rItfUkWNuATwB2vnCmbMufeqWa5Ib+1a/pmUv9ckp/jknrqOr4lMgrH3GsA7ncqTxzP64Egv6UZ0snE/H31FA30JK1yicnhrob8VrZAepjwpWEYmdmqi38Z1rMVx/RUyndLBMMIVzwRg9X6XVSXAIbXiqyJTBXqDdRvK9WMFqM7fyrLRoxDGFP6Izp0OGnz/nXNJiA3/VzL5tYs03t2tlTJoedQe6gGIDyM8sYxemaBr4VZK5SHMU6q9wKPImQy7CG/xJV++ecUq1AtuxmSoqW5OkPYByqTD0UDcDUSZ5nJS2ESwdM1IWGNcmiNe8W7jklcUCJn2bluqfXl4ixOuqvcdq3KN2UNIUyK9fUy6EbIwGl7RFVjdoSZDtY1/yBgEhFwqS9+wlQTVOUj6dxg9p0Qi0/lqaP2VuojJingOZyX7zXgl3fYoOTuk1xOMuKoZqaacjrl9c7aly5lWJ5P321uutAZLyCPchuNttlZUFxh6AWDPd7g3hgLSrA07ycOiQa9ZNWgb7gkOSpdSDaFAg/pMMbndA9Cz5VizDkFGDYWVa0xkVRNU0G8jZO36PbKHLOyBMlrYjw7KaGgSlI4WRFc84jabGEKeIcWjhVPS1yjqPBQnA02WFfiQgbgQ/fjw4nRujeKE1rlFm4Mq4AZ3e4eA5Rv34SbKhCqNudLdvPqDS5ZsX18NyhvnG8q8HCRLmdpiWLws21yhRG3AFAIGkIVWojvlyrdS8MSHXekrKuIBw91ronJVd7kTKtfYmCVyTZgOm+l2p7qJYYbN12IaetCKLF5u7FlliLarxX9D3hqyxbtGf8BQPHkiAcW99ZhhhVqYSjTxAAL8+vbPJh3hpmHUdvIQh70KW9JD7FlQFNeobkd4blMwZlbVrobZDZqwMuBqsbaT7mu6S+PEa7y0fb0IEyjKt9f9HuxnyKw8+FMdmkuj9O3NIHcLOAAKURUBOCkKS7UkrATPyB/a+xxKWuKP8lClntTTfHqIlnW+QNwxgKDc6XHmrkN0dlMSdQ0cfPMkwS+EcGdyuOKoJpYhwPMN8GqXbsXFRTfCVOlMVYBjihLdMQYqxDNxYj6YiegBJ4/xyDzs0HCT1ev+9mwfZ59GE1EOkaDvy6BOlnHuCIjZSzOJ4X6HsqSLcK1vYBeRPDamppP+l4BDnD1h6rx/vPsfl7I6RYTVUVDcr9XOK7U7xIWarDq7UTCbSDsE1HlxuPOEQj5kKAQ0rHU84UZiog5PwNVZgXeEjm1i/P0010bawOxjPEp/uCLFp8RK028WAQlOZVFBZZgOj1Dx0LVMrvyxZpmbY7tWoJdDvYof9w6ZKQcWiQnvnzZRuqAk2rzSFLsr1UTzBLbwRcgSA5s2o8ngtLi27XB+96WZ/PW1LIhJyXZfkxp/bypMbLiUep9vxKBa37oLutnu729kYLWP2JKGB8Kn06WFnLMhnjDccabVZOZMgtb+/OmVDSezf17EWb7B+9XLUje2Mq95c/F9l924dipa+Ul+5I6lEP5fsH5q7m7UfvYX6fqxVV83qOiplxCUQWMOhbAKYSHGx7QUD10/w67Lwpr8eT3iOyfWH1Y5ZIhCSQ5wzatg4HwItlxpVCDkKHX8OQd4lNkQbBXTNkYi4N7reaT1jL4Q+8E8fu1sTi5sZOPlyzgxruqrdxTHRXN+jZqCRvgewgwETjbiJiu1RWYJeZFnXG5lQLmV+RmdxeyPnfFn3fFXM5omgAGHcrAaail/vr2yaxrmoXLp0LUG9sy+PNTG1yM5NLmH2HZ1/ynIQ7PXd3ys43IIpbJe4TcFVAf1dZTGNlXB1UsRBEOipFqACbQ1GbGu/mn3Jg9dkuRKBpddb7uzHIiZdCrZ9dMJWHcjLD9buvlrCxeHmj1wVJOku3h6o5nf07vDIW315PjZ3nvIrc87LPcOMdnOkcVglLnuOVS4Bh55fIdQAcuk5yzXq43nt9ng51LIsEy0+8cyCqubeO1V7xs09EEav/qWYBvQcHI/7SyaLVUqn1+3UxA82DvSiPqg/VEvWhds3U8mzivPMN/U32l3fVSPFGKHdh+HgJ1G11JQudIaUMKDyyOMUplhf2FoFOd6vKAKeLwt5O1x5pdOkafH5hGyi6wu8we28VUOUkQ9IVrBqfuyU7A3C8vyLKa1ru8pMYYRs4kOgSY3X03jaVV07AQaGL/cIr+b+Yy7DBaQS5KTPpCY3mksJvp0Z3PPoSQPjgpAfvwshv0zWn7WR0sGtGs1Mi75RQJ2qdMcdtAJ6k3DM194DgReKvvAhnfJ98afrpxYS9O9CcUtAmFHvG55QLqZzXMNVTedf71m52kOAjBd0WiutZY2Yjsz6TK5j0okMHcvBlurjOD0PG+5WpWpsHT61K/suzEWXQwLtT2ewP4/PPgQ6sZXLIU3ni3Lm5+APdLEVyFQfrfTa27R4PHXjnpA35udRrqguwvaVKUOqd13YoigHKRU3qmyTMUURAC6DJYz4iAi4XIL0OxOHubLQsANmjtCOvP7dwjNgRcB1xIzwmUAS0aYz2mg2sAdEy0097rCdU4N5FuVDVMbB7t4sfB4q1cfChgtlznWfGoeqPjCNaeK1q0pxPVYrmmkuEhM4F5YJzpPRlY8eW4qdB/W9j0noHc4+h/9J/qJTfND1vEirk3DB0ieAjHcQ1WDzo8VFN3fadCSV6dBlmvSpyJ5t5BhgxH6CBy+pKx+kmLwaTCe8whFXlEui4NwEOrj3QoAWyqyNIie2/rQZfE48O+ksARMt240fvjupEz3RQj16oOJE0K86dBKFdP2D5+e5HbS031q5NRhE/SnYpza4Pcwyy3Z+JlEw3uoX7JguBgGtZy2AA0M/Lhw+ygP/YVa8JUPkCtRZLe8A7b1tgTWrHbtjxcQmjZg9mIvQA8z2vUKthTWyB62K1FzmC8OE8WHg8CE0Hxs3LC23oh5pgxteOZW8LmLStq3+ZvbxA/O0C+uNoQOnlexRqMrzsA64i5EW3Kmw86D2L79KT4vmSjXwj8xLhCZy+DkQHcTqLdOfIUMJMNhUlbkt/ZOH24M+MZA8Lf6T421le571PY3A65d9Vm1wc6OrbXtFqVCH064t5pVgX++j/Eo+REHQxK5I9+Jz5WG6WVdxU/imE4lEslrtNG05VqOpVoXCFWQAgoRTYWCVZLhqgeVLQhAoG+0kU9E6SdA5NYur3SKl3uzU0yPuE3xnEb9ScLVCBiFHL/Cb+O7xpxTpEnjJUX338YNAtHxrDl7EL1acF3S111eXJFeWeMTBpBB4T9CCgZ6fcbR1rwgF5b/p3bNniqfcQo8ClZhOrUj1Mn0eaB5sY9ICWUjHhixQ1R1GqFCdlc9vThUH/bJ3YczavQA7QMC2+joS4p8rQqMjnkqGxSRE32dgtHfhe4WjVA25ERFH9B85QesnXgUVgqTOBgFL3Zdik9ILoUK5tXH4b4PHivizqVY61qxw+wQtiY9Mv6LlmO2wtYhEpxzZKGvMo2WKv1YTDfvKZJXXDwfaBAYqT8809ScB0mzxXFs21P252slmHf3VGc/U3D83cVMpA1brwxEsmIrLkLA4NEFemFIQiBFwtH2J/EL9aI0bq6urjUbp+ah1GnsZfKBBg3P81Hqiq/FYzivaPv5J8SCo/tjZuavK5fy4Sg0hn96Pzh3Uy7G2AAxBxZVzBQw8rtDJ4yclINeK2Ma5jkfHA1L078/Ubuphffh4JqtneiYN2Y9wXPt+9E4wAteX/pufCeMbH9jF1K0n5MMjxOAchc/gqLma0SidwEYckfg1D/CZvMbplyl3WGpuJvTJgVKpmvUCrlPse9jmgw2W+AETm3sM7s+YMPWCSWml0/+7fk6GjojrXcjQK8b2sq4nfHY5mR6Vs8oH/ArW1lbG9wAULbWUN7xiY8k3J3s5KUWhV+eLE9vf0MAEVHwkgIl2uF7RoQy76gsHlZuKNAxsXf1k7oD4fLKfHc6yjn4frIYLiAu612ANSE2U+6OZEAElKJ+SictTz+AZbA33cOzEwoob4Gl9QHt1pqLnjYjm18N9XgMK0M4vnYCi9C7YYTykt3xOnL41/kqXo2DI+sUGkA3Jf+3AN3/FtmVFT2k0jRskw7kQjXvfzYfbO+qakbmNueDVWfz1X1QjT1ckJkhWblUP+Fb8nPeAVPB8bqvUq5fJrwal87gUkleeSnrUJnukyTk/gixVfAbAOXWyJ0Ud+Pjr4Rqfvk5oAIyodzZubd0bQVFvVEqlgP0C1qREl3xwvyFsu/KBr1ge9lPmtN85pQV2ye5RNIA3C3mfBoalJ2Of88eVWhDou4www8hJtb8DkICBpvul+R5POvZMGFGT+5PaxQ7hdtLgof3Rp355WY5tSGHgCZrWDAbzqUYgr6Y0CAko/tGiI4ez1pDxd28iZ3Fb6BNk+nwWCAhD2Dw7st2etB6l3vl90PhxYkOGm56hRUVLwt/ptiqLT1TQ5ZL+cCD+TsmiB2RTVrVE9ktf0mx5Z29m7NxH/hJ3Yq7bV6FWIkH4RVCprZkzFbNOD8FGVf9zUydlh+hzIWxFvZwDT9Y7sr4NfQ7h2GVPU3mOU/1mpkdmNB2r+04HenGu6UJ1ajK7MUJK6+hAbDqP+CHIL7h2py/CoxHRrPsST6pLGLLTlY21D2FEn3T9ceUIm8/E2Eb1AkP/YEjs4eN1P302EYBuUJ8k5OhYGdwd/mXbdlk9MyppGbAwN4ryZpswn7JQ5RzxYsUX3DbT/zu4dm7Cw1YOya/8DFii5PKmniLu9VWZmv6XQSXxsX0i3W5kUYIYRLcmjbvLjDW83e2Mq6yVEyG8xzrO3p1HJ9WcpwD0oZq+uhDsIQ1zPE0XCmYocrTX3pqjHqTSK/LyEbHgCHYF4dwWKqMg7Per8eIkgGPwBCHeJ4ILbSzq6gzpxtLyZUca7UkqA5JEJ42tNFO42o4KjQjLyAm6Lj53BOTMPYMJEx7cSby3W2PLdRnyA4DgStSWpqPzOkzzGB6YIGld4+8ncG51q2/Hva8Vqj6ehaMFEfaQH2sO54CpnYKnI3R8DyHkS8UDNr7kk/7e3/664V4s/2wmt/j4YWWRe22+Dcnrwc+5l+g1mv2WgivBEKFBCVVh8A567Hn6MleAOAmFvYBxVnyRT3SYjMU/6lt

❌ This box is still active on HackTheBox. Once retired, this article will be published for public access as per HackTheBox’s policy on publishing content from their platform.

For more hints and assistance, come chat with me and the rest of your peers in the HackTheBox Discord server.

Good luck!