Leviathan Level 2 → Level 3 | Learn Basic Exploitation Techniques

In this post we will learn how to use a tool ltrace to exploit a program and a vulnerability in access() known as TOCTOU race (Time of Check to Time of Update) Learn how to create symbolic files in Linux using a tool called ltrace. The program calls the access function to create a symbolic link to something he doesn’t have access to. In the small time between the two calls, the file may have changed. A malicious user could substitute a. file he has access to for a. symbolic link. If pathname is a symbolic. link, it is dereferenced.