Interpreter

Reconnaissance
Initial Access
Privilege Escalation - User
Privilege Escalation - Root
Key Takeaways
Tools Used
Flags
Remediation Recommendations

Reconnaissance

Target Details

Host: interpreter.htb
Vulnerability: CVE-2023-43208 (Mirth Connect pre-auth RCE)

Port Scanning

nmap -sC -sV -p- interpreter.htb

Port	State	Service	Version
22/tcp	Open	SSH	OpenSSH 9.2p1
80/tcp	Open	HTTP	Jetty
443/tcp	Open	SSL/HTTP	Jetty

Web Enumeration

Browsing to https://interpreter.htb reveals a Mirth Connect instance.

Version fingerprinting:

curl -sk https://interpreter.htb/api/server/version -H "X-Requested-With: XMLHttpRequest"

Output: 4.4.0

Critical finding: Mirth Connect 4.4.0 is vulnerable to CVE-2023-43208 (pre-auth RCE via XStream deserialization).

The rest of this writeup is locked

Contact me on Discord or LinkedIn for the password.

Contact on Discord

HackTheBox policy restricts publishing walkthroughs for active-season machines. This writeup is password-protected to respect that policy while keeping the content available to those who already have access.

Table of Contents

Reconnaissance

Target Details

Port Scanning

Web Enumeration

The rest of this writeup is locked