r00t@blog Back to Terminal

Beep

EASY Linux linuxweblfiprivesc 20pts
Elastix VoIP system vulnerable to LFI — read /etc/amportal.conf to get credentials then escalate via sudo nmap.
// hints
// techniques covered

LFI Discovery

Credential Extraction

Root via SSH

// walkthrough — preview
01 / LFI Discovery
Elastix 2.2.0 has a known LFI in graph.php.
searchsploit elastix > Elastix 2.2.0 - 'graph.php' Local File Inclusion [FOUND]

… 2 more steps locked

ABOUT THIS WRITEUP

This Beep writeup covers the full attack chain for HackTheBox Beep, a easy Linux machine. The walkthrough covers 3 steps from initial reconnaissance to root flag capture, including detailed commands, tool usage, and exploitation techniques. Suitable for OSCP preparation and penetration testing practice.
Unlock Full Writeup — Beep
3-step walkthrough from recon to root.
Covers linux, web, lfi, privesc.
One-time purchase, instant access.
Open in Terminal — Subscribe for Full Access
r00t@blog — HackTheBox writeup platform | HTB Beep walkthrough