./bin/bash
# Connect to the PDF converter service s.connect(('10.10.11.232', 8080)) pdfy htb writeup upd
import socket import os
Using the information gathered during the privilege escalation phase, we devise a plan to gain root access. We modify the config.json file to execute a malicious command as the root user. pdfy htb writeup upd
Using the information gathered during the enumeration phase, we attempt to exploit the PDF converter service. We use a malicious file to trigger a reverse shell, which allows us to gain initial access to the machine. pdfy htb writeup upd
Upon launching the PDFY machine on HTB, we are provided with an initial IP address: 10.10.11.232 . Our first step is to perform an initial enumeration of the machine using tools like Nmap. We run the following command: