Welcome to the HTB Mango write-up! This was a medium-difficulty Linux box. For the initial shell, MongoDB was leveraged with NoSQL exploit to brute-force the passwords for the user. For the root access, a program configured with permissive SUID
was enough to escalate privilege to root. Let’s get started!