Highlight: THM: OverlayFS - CVE-2021-3493 'info' room

Channel:
United Kingdom MSec
Subscribers:
530
Published on ● Video Link: https://www.youtube.com/watch?v=w5MTxQDlDso


Duration: 11:16
36 views
0

Recently, SSD-Disclosure released a proof of concept (and a great explanation) for an Ubuntu kernel exploit (https://ssd-disclosure.com/ssd-advisory-overlayfs-pe/).

This vulnerability is particularly serious, as overlayfs is a kernel module that is installed by default on Ubuntu 1804 Server.
If the system is vulnerable, you can very easily escalate from any user to root, as long as you can run a binary.

https://tryhackme.com/room/overlayfs -- Watch live at https://www.twitch.tv/msec



Other Videos By MSec


2022-05-28Highlight: THM: Nmap
2022-05-28Highlight: THM: Google Dorking
2022-05-28Highlight: THM: RustScan
2022-04-26Highlight: THM: Attacktive Directory Room
2022-04-16Highlight: THM: Burp Suite: The Basics 'info' room
2022-04-16Highlight: THM: Apache path traversal CVE-2021-41773/42013 'info' room
2022-04-16Highlight: THM: Burp Suite: Repeater 'info' room
2022-04-16Highlight: THM: Polkit: CVE-2021-3560 'info' room
2022-04-16Highlight: THM: Sudo Baron Samedit CVE-2021-3156 'info' room
2022-04-16Highlight: THM: Sudo Security Bypass CVE-2019-14287 'info' room
2022-04-16Highlight: THM: OverlayFS - CVE-2021-3493 'info' room
2022-04-16Highlight: THM: Sudo Buffer Overflow CVE-2019-18634 'info' room
2022-04-16Highlight: THM: Pwnkit: CVE-2021-4034 'info' room
2022-04-11Highlight: THM: REmux The Tmux 'info' room.
2022-04-11Highlight: THM: Common Attacks 'info' room
2022-04-11Highlight: THM: Python Basics 'info' room
2022-04-11Highlight: THM: Intro to LAN 'info' room
2022-04-08Highlight: THM | Spring4Shell: CVE-2022-22965 'info' room
2022-04-08Highlight: THM | Dirty Pipe: CVE-2022-0847 'info' room
2022-04-05Highlight: THM | Linux Fundamentals Part 3 'info' room
2022-04-05Highlight: THM | Linux Fundamentals Part 1 'info' room


Tags:
bug
bugbounty
bugbountytips
bughunter
burpsuite
coding
cybersecurity
darkweb
ethicalhacker
ethicalhackers
ethicalhacking
exploit
games
hack
hacker
hackerone
hackers
hacking
hackingtools
infosec
kalilinux
linux
metasploit
msec
nmap
owasp
programming
python
security
technology
twitch
virus