Blurry from HackTheBox

By Mohammad Yassine in hackthebox on 12 Oct 2024

This box was very interesting, starting with exploiting a vulnerability in the ClearML open-source platform, which is used to automate the development of machine learning solutions, to get a shell as a user. By exploiting CVE-2024-24590, we were able to gain initial access. The process involved creating and uploading a…