TryHackMe | toc2

Room progress ( 0% )

To access material, start machines and answer questions login.

Task 1Get Connected

Welcome,

In order to complete this room, you will need to connect to the TryHackMe OpenVPN, details for which can be found at: https://tryhackme.com/access.

Remember when deploying the virtual machine, it can take up to 5 minutes to properly boot up. Good luck, happy hacking.

Answer the questions below

Connect to the TryHackMe OpenVPN

Task 2Exploit the Machine

I have a theory that the truth is never told during the nine-to-five hours. - Hunter S. Thompson

Answer the questions below

Find and retrieve the user.txt flag

Escalate your privileges and acquire root.txt

Task 3Further Exploration

LiveOverflow has an amazing video exploring this kind of vulnerability, as well as how to remediate it which you can find here. I thoroughly recommend checking it out if you're having trouble visualising how this kind of race condition works and how to properly exploit it:

https://www.youtube.com/watch?v=5g137gsB9Wk

The Wikipedia entry for this kind of vulnerability is also extremely useful, and provides similar examples in C of how this vulnerability can occur and be exploited for leveraging privileges.

Have a great day, stay safe.

~ Polo

Answer the questions below

I now understand where to find more information on this kind of vulnerability.

Created by

PoloMints

Room Type

Free Room. Anyone can deploy virtual machines in the room (without being subscribed)!

Users in Room

2,437

Created

1777 days ago

Ready to learn Cyber Security? Create your free account today!

TryHackMe provides free online cyber security training to secure jobs & upskill through a fun, interactive learning environment.

Already have an account? Log in