SKILLS ASSESSMENT

This is a comprehensive evaluation delivered after completing an entire module, designed to measure a learner’s overall mastery of the material. Unlike the focused practical exercises, the skills assessment tests broader understanding by combining multiple concepts into scenario-based challenges. This ensures that learners not only remember the content but can integrate different techniques, analyze problems holistically, and demonstrate readiness to progress further in the training path.

OBJECTIVE

We were able to gain SSH access to a Linux machine whose password was reused by another machine during our penetration test.

On this machine, we have a standard user "htb-student" who can leave a message for the administrator using a self-written program called "leave_msg". The target company pays a lot of attention to defense from outside its network, and the administrator came across as highly self-confident, which may indicate that local security was disregarded.

After our research, we found out that these messages are stored in "/htb-student/msg.txt", which is binary owned by the user root, and the SUID bit is set.

Examine the program and find out if it is vulnerable to a Stack-Based Buffer Overflow. If you have found the vulnerability, then use it to read the file "/root/flag.txt" placed on the system as proof.

Determine the file type of "leave_msg" binary and submit it as the answer.


How many bytes in total must be sent before reaching EIP?


Submit the size of the stack space after overwriting the EIP as the answer. (Format: 0x00000)


Read the file "/root/flag.txt" and submit the content as the answer.
