[HTB] JSON — Write-up (OSWE-Prep)

Json was a medium difficulty Windows box. Good learning path for:

  • JSON-based deserialization (Bearer: header)
  • JuicyPotato Exploit (SeImpersonatePrivilege)

Initial Recon

# nmap -Pn --open -sC -sV -p- -T4 10.10.10.158PORT     STATE  SERVICE      VERSION
21/tcp