🖥️OverlayFS: CVE-2021-3493

Exploit a 2021 Kernel vulnerability in Ubuntu to become root almost instantly!

OverlayFS - CVE-2021-3493TryHackMe

https://tryhackme.com/room/overlayfs

Room Attributes	Value
Subscription Required	False [Free]
Type	Walkthrough
Difficulty	Info
Tags	PrivEsc, Linux, Ubuntu, Kernel, CVE-2021-3493

Task 1 - What is OverlayFS?

I have a very rough overview of what OverlayFS is

No answer needed

Task 2 - CVE-2021-3493 - OverlayFS Exploit

Deploy the machine with the Start Machine button in this task and wait up to 2 minutes for the VM to boot.

No answer needed

SSH into the machine with the credentials provided in the task text.

No answer needed

Grab the source code for the exploit from SSD-Disclosure here and save it as exploit.c on the target machine.

HINT: Perhaps the easiest way is copy/pasting the code into a text editor like Nano or Vim!

No answer needed

Compile the exploit with gcc. If you're finding this difficult, a command is given in the hints.

HINT: gcc -o exploit exploit.c

No answer needed

Run your compiled exploit, and get root! What's the flag in /root/?

Reveal Flag 🚩

🚩thm{27aaa5865a52dcd4cb04c0e0a2d39404}

Task 3 - Further reading

Hope you've enjoyed this short room.

No answer needed