
Instant HTB Machine

This project involved exploiting the INSTANT machine on HackTheBox to obtain both user and root flags through techniques like reverse engineering an APK, Local File Inclusion (LFI), and privilege escalation.

We started by identifying open ports and accessing the website. After decompiling the mobile app, we discovered an admin token, granting us access to sensitive API endpoints. Using directory traversal, we accessed system files, including an SSH key, allowing us to SSH into the system and retrieve the user flag.
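A defender-side counterpart to the hardcoded admin token described above, as an added example that is not part of the original writeup: a pre-release check that scans apktool output for embedded JWT-style bearer tokens and flags privileged ones. The JWT format, the `role` claim name and the sample tree built in `demo()` are assumptions constructed for illustration.

```python
import base64, json, os, re, tempfile

# Three dot-separated base64url segments; "eyJ" is how an encoded '{"' begins.
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]{8,}\.eyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]*")

def _b64url_json(segment):
    """Decode one base64url segment to a dict, or None if it is not a JSON object."""
    try:
        padded = segment + "=" * (-len(segment) % 4)
        obj = json.loads(base64.urlsafe_b64decode(padded))
        return obj if isinstance(obj, dict) else None
    except ValueError:  # covers base64, UTF-8 and JSON decoding errors
        return None

def scan_tree(root, exts=(".smali", ".xml", ".java", ".json")):
    """Return one finding per JWT-shaped literal under root (decompiled app tree)."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith(exts):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                for lineno, line in enumerate(fh, 1):
                    for m in JWT_RE.finditer(line):
                        header, payload, _sig = m.group(0).split(".")
                        claims = _b64url_json(payload)
                        if _b64url_json(header) is None or claims is None:
                            continue  # JWT-shaped but not decodable: ignore
                        findings.append({
                            "file": os.path.relpath(path, root),
                            "line": lineno,
                            "claims": claims,  # report claims only, never the token
                            # "role" is an assumed claim name for this example
                            "privileged": str(claims.get("role", "")).lower() == "admin",
                        })
    return findings

def demo():
    """Build a constructed apktool-style tree with one embedded token and scan it."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    token = ".".join([enc({"alg": "HS256", "typ": "JWT"}),
                      enc({"id": 1, "role": "Admin"}), "Y29uc3RydWN0ZWQtc2ln"])
    with tempfile.TemporaryDirectory() as root:
        pkg = os.path.join(root, "smali", "com", "example")
        os.makedirs(pkg)
        with open(os.path.join(pkg, "Api.smali"), "w") as fh:
            fh.write('.method test()V\n    const-string v0, "%s"\n.end method\n' % token)
        return scan_tree(root)
```

Run against the build's own decompiled output in CI, a `privileged` finding means a credential shipped in the client and should be rotated and moved server-side.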

For privilege escalation, we used linPEAS to find an encrypted file, decrypted it using a Python tool, and gained the root password. SSH-ing as root, we obtained the root flag.

Tools Used

Nmap, apktool, Burp Suite, linPEAS, SSH

Writeup

View on Google Docs