Sandworm
HTB
Linux
Medium
Sandworm is a Medium Linux box featuring a web app whose PGP verification service is vulnerable to server-side template injection (SSTI), leading to remote code execution (RCE) inside a Firejail sandbox. Credentials found there allow SSH access. A cron job that compiles a Rust binary depending on a writable logging crate enables privilege escalation to the atlas user. Root is obtained via a Firejail exploit (CVE-2022-31214).