Possibly Related Threads…

paven · 06-15-2024, 05:48 PM

Editorial - Linux - Easy

Good luck everyone! Let's tackle this together!
https://app.hackthebox.com/machines/Editorial

AdenBilal · 06-15-2024, 06:52 PM

will be solving it today only

inactive · 06-15-2024, 07:36 PM

any hints/findings for user?

idrkwhatimdoing · 06-15-2024, 07:44 PM

/upload has pingback on the URL field when hitting preview.

princecyber · 06-15-2024, 07:50 PM

anyother updates whatever i uploaded its uploading as txt file

newbi31 · (This post was last modified: 06-15-2024, 07:53 PM by newbi31.)

preview gives the url path but file ext is changed even i upload double ext it remove all ext

a44857437 · 06-15-2024, 08:00 PM

The image is unchanged (so no imagemagick on the server) and the preview URL is valid for one request as far as I can see now

bl4cksku11 · 06-15-2024, 08:01 PM

(06-15-2024, 07:52 PM)newbi31 Wrote: preview gives the url path but file ext is changed even i upload double ext it remove all ext

Same, I'm trying to inject command on the field, but no luck

BahsbFAISfjhb · 06-15-2024, 08:02 PM

Think the focus is on the cover URL - it grabs your input URL and attempts to display it as an image. Supplying an actual image and re-downloading it through the application doesn't yield any metadata about software in use

jojo1234 · 06-15-2024, 08:05 PM

http://editorial.htb/static/uploads/e6d3...18a612d27f

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	[FREE] 300+ Writeups PDF HackTheBox/HTB premium retired	Tamarisk	360	88,710	03-28-2026, 09:28 AM Last Post: catsweet
	[FREE] HTB-ProLabs APTLABS Just Flags	kewlsunny	23	2,348	03-28-2026, 03:30 AM Last Post: lulaladrow
	[MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot	htb-bot	87	7,490	03-27-2026, 07:22 PM Last Post: stn
	HTB Eloquia User and Root Flags - Insane Box	69646B	13	350	03-27-2026, 06:14 PM Last Post: vlxw
	HTB - ALL Challenges you Stuck in	osamy7593	2	646	03-27-2026, 04:24 PM Last Post: catsweet