Just dropped our writeup for HackTheBox Gavel on 🔨
A Medium Linux machine featuring:
🔹 SQLi bypassing PDO protection
🔹 RCE via runkit_function_add()
🔹 Root privesc using YAML injection

Check out the full walkthrough here:
kaizenl.ink/7e8dgm

#HTB #hackthebox #writeup #htbgavel