BlizzardCTF 2017 - Strng

Points: Legendary Solves: 0 Category: Exploitation Description: Blizzard CTF 2017: Sombra True Random Number Generator (STRNG) Sombra True Random Number Generator (STRNG) is a QEMU-based challenge developed for Blizzard CTF 2017. The challenge was to achieve a VM escape from a QEMU-based VM and capture the flag located at /root/flag on the host. The image used and distributed with the challenge was the Ubuntu Server 14.04 LTS Cloud Image. The host used the same image as the guest. The guest was reset every 10 minutes and was started with the following command: ./qemu-system-x86_64 -m 1G -device strng -hda my-disk.img -hdb my-seed.img -nographic -L pc-bios/ -enable-kvm -device e1000,netdev=net0 -netdev user,id=net0,hostfwd=tcp::5555-:22 Access to the guest was provided by redirecting incoming connections to the host on port 5555 to the guest on port 22.

DefconQuals 2018 - EC3

Points: 150 Solves: 27 Category: Exploitation Description:

TokyoWesterns 2017 - Parrot

Points: 267 Solves: 9 Category: Exploitation Description:

BCTF 2017 - PoisonousMilk

Points: 500 Solves: 21 Category: Exploitation Description: Do you know Huang Xudong? Let me show you his power.

0ctf Quals 2017 - BabyHeap2017

Points: ~275 Solves: ~30 Category: Exploitation Description: Let’s practice some basic heap techniques in 2017 together!

Mental Snapshot - _int_free and unlink

Summary

Kernel Exploitation for Dummies

Introduction

Tokyo Westerns MMA 2016 - Diary

Points: 300 Solves: 14 Category: Exploitation Description: You can use “./bash”, if necessary.

Tokyo Westerns MMA 2016 - Shadow

Points: 400 Solves: 29 Category: Exploitation Description:

Tokyo Westerns MMA 2016 - Interpreter

Points: 200 Solves: 21 Category: Exploitation Description: