OffSec Proving Grounds Walkthrough – Flink

📣🆕 This is a brand-new machine in the Proving Grounds, and there are no walkthroughs yet! This is a walkthrough of the OffSec Proving Grounds machine “Flink”. It is rated as Intermediate, but it was quite tough because Java isn’t my thing. We take advantage of Apache Flink by uploading a custom malicious .jar file, then escalate privileges through a passwordless sudo rule on the flink binary, executing another custom .jar file that sets the SUID bit on /bin/bash!

***SPOILER*** Walkthrough of the machine called “Flink” in the OffSec Proving Grounds… don’t watch unless you want help getting through the machine.