Nimbus
HackTheBox Nimbus machine writeup — reconnaissance and enumeration walkthrough.
Nimbus
Table of Contents
- Environment Setup
- Reconnaissance
- Web Application Enumeration
- SSRF Discovery & Exploitation
- IMDS Credential Theft (IP Filter Bypass)
- AWS Enumeration with Stolen Credentials
- SQS Job Injection & YAML Deserialization RCE
- Container Escape via CodeBuild + core_pattern
- Full Automation - nimbus.py Explained
- Complete Exploit Script - nimbus.py
- Flags
- Attack Chain Summary
- Lessons Learned & Mitigations
Premium Content
The full exploitation walkthrough, privilege escalation, and flags are available exclusively for members.
Unlock Full Writeup → This post is licensed under CC BY 4.0 by the author.