HackTheBox - Runner.htb
User flag Runner.htb My initial reconnaissance scan revealed two web server and a ssh server. After endless searching, I stumbled upon an HTTP header that stated that this site was powered by TeamCity, which is a virtual host on the server too. This took quite a while for me. http://teamcity.runner.htb/login.html is vulnerable to CVE-2023-42793, which allows any user to create an admin account. 1 python CVE-2023-42793.py -u http://teamcity.runner.htb That was easy....