A Tryhackme room made by NinjaJc01 where it explains about a recent CVE that affects multiple versions of Ubuntu.
This exploits OverlayFS which is a Linux kernel module that allows the system to combine several mount points into one, so that you can access all the files from each within one directory structure. For more information please check out this wiki.
To get started, ssh into the vulnerable machine. For this, I’ll be attacking the box in the room with the provided credentials:
Username: overlay
Password: tryhackme123
Next, grab the source code which is available on SSD-Disclosure and save it any name that is suitable with the extensions C.
Compile it.
And simply run the binary and we will automatically be root!
For more information regarding the vulnerability please check out links below:
