A walkthrough of HackTheBox Searcher — exploiting CVE-2023-43364 (Searchor 2.4.0 RCE) for initial access, then leveraging a path injection vulnerability in a privileged Python script to escalate to root.
