UltraTech is a web hacking challenge that involves enumerating a corporate site and an API belonging to a fictional blockchain company to leak credentials via a command injection vulnerability. After we get a shell we’ll abuse the fact that our user is able to run docker to spawn a root shell.

Glitch is a vulnerable NodeJS application with a backdoor in its API which we’ll use to establish an initial foothold. The post-exploitation portion of this box was a lot of fun! We’ll see how to exfiltrate a user’s Firefox profile and run it locally to access their saved logins. After that, escalating to root is more straightforward.