February 14, 2026

Wingdata HackTheBox Writeup - Season 10

HackTheBox Wingdata machine walkthrough

SUMMARY

This write-up covers the WingFTP machine from HackTheBox Season 10. Initial reconnaissance revealed an HTTP service with a virtual host running a WingFTP Server instance vulnerable to CVE-2025-47812, a critical remote code execution vulnerability, which granted us an initial foothold as the user wacky.

With access to the system, enumeration of the WingFTP server directory uncovered a salted password hash. The hash was cracked with John the Ripper's dynamic format mode and the recovered salt, revealing wacky's plaintext password.

Further enumeration exposed a misconfigured sudoers rule granting access to a custom binary, which was leveraged to escalate privileges and achieve full root access.


PATH TO FOLLOW

  1. Reconnaissance
  2. Virtual Host Enumeration
  3. Exploiting WingFTP Server — CVE-2025-47812 (RCE)
  4. Initial Access
  5. System Enumeration & Hash Discovery
  6. Cracking the Salted Hash
  7. Sudo Misconfiguration Analysis
  8. Privilege Escalation to Root

CONTENT WILL BE RELEASED ONCE THE MACHINE IS RETIRED