Vulnhub | digitalworld.local: FALL

FALL is an easy box from the digitalworld.local series. It hosts a web application that uses CMS Made Simple, where we discover an LFI vulnerability that allows us to read the SSH private key of the user on the box. Then, we find the user’s credentials in their bash history, which allows us to run sudo. The user had run ALL privileges on the box, so we jump straight to root.