Tryhackme | CVE-2021–3493

A Tryhackme room made by NinjaJc01 where it explains about a recent CVE that affects multiple versions of Ubuntu.

This exploits OverlayFS which is a Linux kernel module that allows the system to combine several mount points into one, so that you can access all the files from each within one directory structure. For more information please check out this wiki.

To get started, ssh into the vulnerable machine. For this, I’ll be attacking the box in the room with the provided credentials:

Username: overlay
Password: tryhackme123

Next, grab the source code which is available on SSD-Disclosure and save it any name that is suitable with the extensions C.

Compile it.

Command to compile and output to named file.

And simply run the binary and we will automatically be root!

For more information regarding the vulnerability please check out links below:

Mitre’s CVE entry

The code and explanation

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store