HackTheBox – Previous Walkthrough | Next.js CVE-2025 LFI, Terraform Privilege Escalation

In this Hack The Box machine, we exploit a Next.js CVE-2025 Local File Inclusion vulnerability to gain initial access, then escalate privileges through Terraform misconfigurations. If you're learning ethical hacking, OSCP, or just love seeing machines get popped... this one's for you.

📂 Scripts, and Commands:
https://github.com/strikoder/CTFS/blo...
📖 Additional Resources:
https://gist.github.com/strikoder/138...
🏠 Room Link:
https://www.hackthebox.com/machines/p...
--------
⏱️ Timestamps:
00:00 - Intro & Target Overview
01:32 - Enum
08:25 - Exploitation (next.js)
27:50 - Privilege Escalation Enum
37:00 - sudo Terraform exploitation
--------

Follow me for more real-world hacking walkthroughs, live streams, and cert prep content 👇

💻 Labs
GitHub: https://github.com/strikoder

🎥 Streams & Short Content
Twitch:   / strikoder  
Instagram:   / strikoder  
TikTok:   / strikoder  

💬 Community & Discussions
Discord Server:   / discord  
X (Twitter): https://x.com/Strikoder

📨 Official Contact
LinkedIn:   / strikoder  
Email: strikoder@gmail.com

More videos coming soon on PNPT, and OSCP prep.
Stay tuned, and thanks for the support!

#previous #oscp #pt1 #hackthebox #linux
#ethicalhacking #cybersecurity #pentesting #ctf #infosec #enumeration #privilegeescalation #windowshacking #networksecurity #bugbounty #RedTeam #capturetheflag #hackingtools #cyberseclabs #hackermindset #Nmap #terminal #nextjs #lfi #terraform #strikoder