Skip to main content
Room Banner
Back to all walkthroughs
Room Icon

CVE-2023-38408

Max room.

Learn how to move laterally abusing libraries' side effects in Ubuntu (CVE-2023-38408).

medium

60 min

7,064

User profile photo.
User profile photo.

To access material, start machines and answer questions login.

Set up your virtual environment

To successfully complete this room, you'll need to set up your virtual environment. This involves starting both your AttackBox (if you're not using your VPN) and Target Machines, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Attacker machine
Status:Off
Lab machine - Task 1
Status:Off
assigned the identifier -2023-38408 on July 19th in response to a critical vulnerability in OpenSSH's PKCS#11 feature prior to version 9.3p2. This security flaw, which allows remote code execution if an agent is forwarded to an attacker-controlled system due to an insufficiently trustworthy search path, has been found by The Qualys Threat Research Unit (TRU) (opens in new tab). It's essential to note that loading code from /usr/lib into -agent can pose significant risks. This vulnerability represents an incomplete fix for a previous -2016-10009.

The discovered vulnerability impacts all OpenSSH versions preceding 9.3p2, posing substantial risks for users who utilize agent forwarding in untrusted environments. To safeguard against the threat of remote code execution, it is strongly advised to upgrade to OpenSSH version 9.3p2 or above.

To deploy the attached , press the green Start Lab Machine button at the top of the task and connect to the machine via , you can use the following credentials:

THM key
Usernameredqueenrebel
PasswordDownTheRabbitHole!
Answer the questions below
Let’s get started!