HTB Fatty Writeup by Immo

The box was rated as insane and required us to grab a client and information from an anonymous FTP server, modify the Java client to exploit lacking server side validation, exploit Java deserialization, and exploit and careless administrator who periodically pulls log archives from within docker containers and extracts them. All in all this box was quite entertaining but not necessarily insane. Rather it mostly was just time-consuming.

You can check the compiled client here