Skip to main content
Room Banner
Room Icon

toc2

It's a setup... Can you get the flags in time?

medium

75 min

3,607

User profile photo.

To access material, start machines and answer questions login.

Score updated
Score updated

Welcome,

In order to complete this room, you will need to connect to the TryHackMe OpenVPN, details for which can be found at: https://tryhackme.com/access.

Remember when deploying the lab machine, it can take up to 5 minutes to properly boot up. Good luck, happy hacking.

Answer the questions below
Connect to the TryHackMe OpenVPN

Set up your virtual environment

To successfully complete this room, you'll need to set up your virtual environment. This involves starting both your AttackBox (if you're not using your VPN) and Target Machines, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Attacker machine
Status:Off
Lab machine
Status:Off

I have a theory that the truth is never told during the nine-to-five hours. - Hunter S. Thompson

Answer the questions below
Find and retrieve the user.txt flag

Escalate your privileges and acquire root.txt

LiveOverflow has an amazing video exploring this kind of vulnerability, as well as how to remediate it which you can find here. I thoroughly recommend checking it out if you're having trouble visualising how this kind of race condition works and how to properly exploit it:

https://www.youtube.com/watch?v=5g137gsB9Wk (opens in new tab) (opens in new tab)

The Wikipedia entry for this kind of vulnerability is also extremely useful, and provides similar examples in C of how this vulnerability can occur and be exploited for leveraging privileges.

Have a great day, stay safe.

~  Polo

Answer the questions below
I now understand where to find more information on this kind of vulnerability.