Python Privilege Escalation | HackTheBox Cap

We covered Insecure Direct Object Reference vulnerability exploitation along with Python privilege escalation as part of HackTheBox Cap CREST CRT Track.

Cap is an easy difficulty Linux machine running an HTTP server thus allowing users to capture the non-enrypted traffic. Improper controls result in Insecure Direct Object Reference (IDOR) giving access to another user capture. The capture contains plaintext credentials and can be used to gain foothold. A Linux capability is then leveraged to get root.

Get OSCP Notes

Video Walkthrough

CREST CRT track, CTF Writeups, HackTheBox Cap, HackTheBox Walkthrough, Linux privilege escalation, Python

Show Comments

The MasterMinds Notes

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles

Python Privilege Escalation | HackTheBox Cap | CREST CRT Track

Leave a Reply Cancel reply

The MasterMinds Notes

About the Author

Other stories

Windows Active Directory Exploiting Group Policy Preferences | HackTheBox Active

DNS Zone Transfer and Python Privilege Escalation | HackTheBox FriendZone

Press ESC to close

Python Privilege Escalation | HackTheBox Cap | CREST CRT Track

Leave a Reply Cancel reply

The MasterMinds Notes

About the Author

Share Article:

You might also like

Web Hacking 101 with PicoCTF | CTF Walkthrough

Practical Coding in Cyber Security | HackTheBox Coding Challenges

Critical Webmail Exploit: CVE-2025-49113 in Roundcube | TryHackMe Roundcube

Other stories

Windows Active Directory Exploiting Group Policy Preferences | HackTheBox Active

DNS Zone Transfer and Python Privilege Escalation | HackTheBox FriendZone