Lateral Movement on Maccioni Andrea - Portfolio https://maccioniandrea.com/tags/lateral-movement/ Recent content in Lateral Movement on Maccioni Andrea - Portfolio Hugo en Sat, 14 Feb 2026 00:00:00 +0000 Interpreter - HackTheBox Writeup https://maccioniandrea.com/posts/htb-interpreter-writeup/ Sat, 14 Feb 2026 00:00:00 +0000 https://maccioniandrea.com/posts/htb-interpreter-writeup/ <blockquote> <p><strong>Difficoltà:</strong> Medium<br> <strong>OS:</strong> Linux (Debian 12)<br> <strong>IP:</strong> 10.129.5.191<br> <strong>Categorie:</strong> CVE, Deserialization, Python Injection, Privilege Escalation</p> </blockquote> <hr> <h2 id="indice">Indice</h2> <ol> <li><a href="#panoramica">Panoramica</a></li> <li><a href="#ricognizione">Ricognizione</a></li> <li><a href="#foothold--cve-2023-43208-mirth-connect-rce">Foothold — CVE-2023-43208 (Mirth Connect RCE)</a></li> <li><a href="#lateral-movement--crack-hash-pbkdf2-e-accesso-ssh-come-sedric">Lateral Movement — Crack hash PBKDF2 e accesso SSH come <code>sedric</code></a></li> <li><a href="#privilege-escalation--python-f-string-injection-su-notifpy">Privilege Escalation — Python F-String Injection su <code>notif.py</code></a></li> <li><a href="#lezioni-apprese">Lezioni Apprese</a></li> </ol> <hr> <h2 id="panoramica">Panoramica</h2> <p>La macchina <strong>Interpreter</strong> simula un ambiente ospedaliero reale che utilizza <strong>Mirth Connect</strong>, un middleware per l&rsquo;integrazione di dati sanitari (standard HL7). La catena di attacco si compone di tre fasi principali:</p>