Updown write-up by elf1337

Here is my writeup for Updown which is an medium box start with a leaky git dir led to subdomain, bypassing filters, uploaded a phar for foothold, then abused custom setuid file for user access & used sudo for prives

Check detailed blog here.