Blurry HTB Walkthrough

Welcome to another Hack the Box exercise. In this walkthrough, I showed how I pwned the Blurry machine on Hack the Box. Hack The Box is a cybersecurity platform that helps you bridge knowledge gaps and prepares you for cyber security jobs. You can also test and grow your penetration testing skills, from gathering information to reporting. If you are new to this blog, please do not forget to like, comment and subscribe to my YouTube channel and follow me on LinkedIn for more updates.


About the Machine

Blurry is a medium-difficulty Linux machine that features DevOps-related vectors surrounding machine learning. The foothold is comprised of a series of CVEs recently disclosed about the ClearML suite. The service provides a web platform, a fileserver, and an API, all of which contain vulnerabilities (CVE-2024-24590 to CVE-2024-24595) that can be chained together for remote code execution. Once a shell on the target is obtained, a program that can be run with sudo is discovered. The program loads arbitrary PyTorch models to evaluate them against a protected dataset. While it is known that such models are susceptible to insecure deserialisation, fickling is used to scan the dataset for insecure pickle files prior to loading the model. Malicious code can be injected into a model, using `runpy` to bypass the fickling checks.


The first step in solving this machine, as in all my previous writeups, is to sign in to my Hack the Box account. I logged in from the Firefox browser on my Kali Linux machine, downloaded the .ovpn file and renamed it to blurry.ovpn. I then created a directory on my desktop called BlurryHTB and moved blurry.ovpn into it.

Next, I opened a terminal in that folder and ran the following command to establish the VPN connection between my Kali Linux machine and the Hack the Box server:

After successfully connecting my Kali Linux machine to the HTB server, I navigated to the "Machines" tab and clicked on Blurry. My target machine was assigned the IP address 10.10.11.19. The next step was enumeration with nmap to find all open ports on the target, so I ran the following scan:

nmap -sCV -A 10.10.11.19

Only two ports were open: 22/tcp running SSH and 80/tcp running HTTP. With nothing but SSH and a web server exposed, the machine is a web application on port 80, and the way to get hold of it is going to be a reverse shell obtained through that application.

I began reconnaissance with whatweb to identify the technologies running on the target:

whatweb 10.10.11.19 app.blurry.htb

whatweb is used in penetration testing to fingerprint websites: web servers, CMSs, frameworks, programming languages and more. It is often one of the first recon tools run against a web application in a CTF.

The response revealed an Nginx server redirecting traffic to the virtual host app.blurry.htb, which served a web application titled ClearML. I added the host to my /etc/hosts file and opened it in my browser for further analysis.

To map app.blurry.htb to the target IP 10.10.11.19, I opened /etc/hosts in nano from the terminal and added the following line:

10.10.11.19 app.blurry.htb

After mapping the host name to the IP address, I opened my browser and visited 10.10.11.19. This redirected me to app.blurry.htb, which hosts a ClearML instance.



ClearML is an open-source platform designed to make developing and managing machine learning projects easier and more efficient. It automates many of the complex tasks involved in machine learning, such as tracking experiments, managing data, and deploying models.

After understanding what ClearML is, I started searching for vulnerabilities. I found multiple issues, but for the purpose of this blog I will focus on the intended one, CVE-2024-24590: Pickle Load on Artifact Get. The vulnerabilities disclosed for ClearML are:

  • CVE-2024-24590: Pickle Load on Artifact Get
  • CVE-2024-24591: Path Traversal on File Download
  • CVE-2024-24592: Improper Auth Leading to Arbitrary Read-Write Access
  • CVE-2024-24593: Cross-Site Request Forgery in ClearML Server
  • CVE-2024-24594: Web Server Renders User HTML Leading to XSS
  • CVE-2024-24595: Credentials Stored in Plaintext in MongoDB Instance

The one that will give us a reverse shell is CVE-2024-24590: Pickle Load on Artifact Get.


About the Vulnerability (CVE-2024-24590: Pickle Load on Artifact Get)

This vulnerability exists because ClearML uses Python's pickle module to load artifact data fetched from the server. Unpickling is not a safe operation on untrusted bytes: a pickle stream can instruct the loader to import and call arbitrary Python callables, so whatever code the stream names runs with the privileges of the process doing the loading. An attacker who can upload a crafted artifact that the system later retrieves can therefore execute code on it, take control of the host or steal information.



Now, let us proceed with the machine. On the app.blurry.htb/login page we are presented with a single "Full Name" text field; you can enter anything and click Start. One thing that caught my attention was that there was no authentication at all to verify the user (no registration logic, just a click and you are in!).


After signing in, locate the "Black Swan" project; it has three tabs. Click on the "Experiments" tab, where you will find several experiments that have already been carried out.


Next, create a new experiment by clicking the "+ New Experiment" button. This opens a dialog with instructions on how to set up the ClearML client, in two steps:

1. Install the ClearML package with the command shown in the dialog.

2. Run the ClearML setup script, clearml-init.

I ran clearml-init to initialize the ClearML client and connect it to the target ClearML instance. It instructed me to generate credentials from the web interface hosted at http://app.blurry.htb/settings/workspace-configuration.

After generating and copying the credentials, I pasted them into the CLI and ClearML was configured successfully.

These keys allowed me to interact with the ClearML API and potentially inspect user data and artifacts or trigger internal server activity, opening the door to further enumeration and exploitation. Next, I added files.blurry.htb and api.blurry.htb to the /etc/hosts file with the following line:

10.10.11.19 api.blurry.htb files.blurry.htb

After mapping the host names to the IP address, the next step was setting up a virtual environment. To prepare the environment for running Python-based tools and exploits, I installed virtualenv using pip:

pip install virtualenv

This allowed me to create isolated Python environments for running custom scripts without affecting the system Python packages - helpful in managing dependencies and avoiding conflicts during exploitation.

To interact with the ClearML server on the target, I created a virtual Python environment and installed the ClearML Python client:

During clearml-init, I provided the API credentials and server URLs obtained from the ClearML web interface:

Once the credentials are pasted, press Enter; clearml-init verifies them against the API server and prints a confirmation on success. This configured my environment to talk to the ClearML backend, opening the door to automated queries, data exfiltration or further exploitation via the API endpoints.


To exploit ClearML’s insecure artifact deserialization, I crafted a malicious pickle payload designed to trigger a reverse shell upon unpickling.

nano exploit.py

I embedded this payload in a custom Python class with a __reduce__() method that executed arbitrary system commands:

I initialized a ClearML task and uploaded the object as an artifact:

On my attacker machine, I set up a listener with:

Shortly after, the target connected back, giving me a shell. I stabilized it using:

This exploit took advantage of ClearML’s unsafe deserialization of artifacts, resulting in full remote command execution on the target.

After running the exploit.py script, the ClearML server executed the malicious pickle artifact, giving me a reverse shell back as jippity@blurry. Once the shell was stabilized, I enumerated the user's home directory and found the user flag:

I then checked for sudo permissions:

This revealed that the user could execute /usr/bin/evaluate_model as root without a password for any .pth file in /models/. Knowing that PyTorch model files can execute arbitrary code when deserialized, I exploited this by placing a malicious torch.py in /models/.


This triggered the malicious import and gave me a root shell. I then retrieved the final flag.

Hurray, I got the root flag!
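Both weaknesses above (the artifact get and the sudo model evaluator) come down to unpickling bytes the attacker controls. As an added example that is not from the writeup or from the ClearML project, here is the defensive counterpart: a static opcode scan of the kind fickling performs, and an allowlisting Unpickler that refuses any global not explicitly permitted, which is the control a denylist bypass such as the runpy trick does not get around. SAFE_GLOBALS and the sample streams are constructed for illustration and would be extended with the real model types in a deployment.

```python
import io
import os
import pickle
import pickletools

# (module, name) pairs an artifact may reference; a real loader extends this with the
# torch/numpy types it needs. Everything else (os.*, subprocess.*, runpy.*, ...) is refused.
SAFE_GLOBALS = {("builtins", "set"), ("collections", "OrderedDict")}

def scan_pickle(data: bytes) -> list[str]:
    """Best-effort static scan: walk the opcodes (nothing executes) and list globals outside the allowlist."""
    findings, strings = [], []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in ("GLOBAL", "INST"):      # protocol 0-3: arg is "module name"
            module, name = arg.split(" ", 1)
        elif op.name == "STACK_GLOBAL":       # protocol 4+: operands were pushed as strings
            module, name = strings[-2:] if len(strings) >= 2 else ("?", "STACK_GLOBAL")
        else:
            if op.name.endswith("UNICODE"):   # remember string pushes for STACK_GLOBAL
                strings.append(arg)
            continue
        if (module, name) not in SAFE_GLOBALS:
            findings.append(f"{module}.{name}")
    return findings

class RestrictedUnpickler(pickle.Unpickler):
    """The real gate: find_class() runs for every global the stream names, so the allowlist holds at load time."""
    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")

def safe_load(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()

def is_blocked(data: bytes) -> bool:
    try:
        safe_load(data)
    except pickle.UnpicklingError:
        return True
    return False

# Constructed samples (not from the box): a plain weights dict, and an object whose __reduce__
# names a callable outside the allowlist. os.getcwd is harmless; the reference itself is what
# gets rejected (CPython records it under its C module, so it shows up as posix.getcwd on Linux).
BENIGN = pickle.dumps({"weights": [0.1, 0.2], "epochs": 3})

class _RefersToOs:
    def __reduce__(self):
        return (os.getcwd, ())
SUSPICIOUS = pickle.dumps(_RefersToOs())
```

The scanner's STACK_GLOBAL resolution is a heuristic that hand-built streams can confuse, which is why the restricted loader, not the scan, is the control to rely on.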


If you enjoyed reading my writeup and would like to be notified as soon as I publish a new one, do not forget to subscribe to my YouTube channel and follow me on my other social media accounts. Thank you.

This walkthrough was first published on Medium on August 31st 2024. The walkthrough had 457 views and 195 reads on Medium and 1,300 views on YouTube.
