This repository contains my full walkthrough of the Fikklish machine from Offensive Security’s Proving Grounds Practice.
The lab focuses on exploiting a Remote Code Execution (RCE) vulnerability in Weblate 4.11 (CVE-2022-23915), followed by privilege escalation via argument injection in a vulnerable Ruby git gem (CVE-2022-25648).
- Perform full enumeration and identify attack surface
- Achieve initial access via Weblate RCE
- Stabilize access through reverse shell and SSH key persistence
- Escalate privileges to root via argument injection
- Extract both user and root flags
- Web application enumeration and contextual credential discovery
- Exploiting Mercurial/Git-based RCE via configuration injection
- Validating exploitation using tcpdump (ICMP callback)
- Reverse shell troubleshooting (egress filtering, port selection)
- SSH key persistence for stable access
- Privilege escalation via argument injection in the Ruby git gem
- Understanding real-world instability (Redis errors, service locks, environment resets)
- This write-up is intended for OSCP / OSCP+ level learners
- Some steps require analytical thinking rather than brute-force approaches
- The target environment may behave inconsistently (e.g. Redis failures, locking issues), and manual resets may be required
The full walkthrough is available here:
Feel free to share, reference, and reuse this write-up for learning and educational purposes.
If you build upon it or reference it publicly, attribution is appreciated.
- User flag: ✅
- Root flag: ✅
Created as part of the Offsec Singapore Chapter meetup.