During a debugging session of one of our NodeJS microservices misbehaving on a Windows Server 2019 instances, I opened the microservice log to begin investigating the faulty behavior.
One of our largest and strategic customer recently requested to be able to execute an automated ETL pipeline from one of their Windows multinode cluster in a sequential manner.
Hack The Box is a website offering vulnerable machines for practising hacking skills. The goal of the ‘Labs’ are to hack into the system and capture the flag (CTF) which can be found in a text file in the desktop of a regular and an administrator user. On my pursuit to get some practical exercise in the field, I decided to sign up and attempt one of the beginner exercises. This post describes how I managed to get remote code execution (RCE) in the one of the boxes and access the flags.