CTF games have flourished in recent years. However, more GLIBC heap allocator exploit techniques are becoming boring and meaningless, especially for games in China. Challenges are well-designed and deliberately constructed, leading to specific ways to solve them, which is actually further and further away from real-world exploits. I started to aim more at the Linux kernel memory allocator these days and have gathered some information about the Buddy System & SLUB hitherto.
Like user mode, there are also a couple of ways of mitigating exploits in the Linux kernel. Here is a list of mitigations in kernel mode and methods to bypass some of them.
Refreshed by X1do0
the new theme demo babble
Congratulations to Katzebin, ranked 1st in DEFCON CTF 29 again.
It reminds me of my first CTF competition with Katzebin: hxp2020. There are some excellent challenges in this game which I missed out on at that time, including some Linux kernel exploitation challenges. Recently I started to learn kernel pwn, and I think it's time to solve these remaining challenges.
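A competition I played over the weekend with my junior schoolmates. It was fairly basic, but it covered a wide range of knowledge, so it is worth writing up to review and fill in the gaps. url: https://ctftime.org/event/1397 rank 8 with lilac
During the competition I looked at a few challenges: cold down, and EXSI, where I found the bug but it was hard to reproduce…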