newbie dive into binary

昨日は海を見に行きました

pwn - CoRCTF

2022-09-14

【pwn 60.0】corjail - CoRCTF2022 (docker escape / kernel exploit)

keywords kernel exploit / docker escape / poll_list / kROP on tty_struct / tty_file_private / setxattr 1. イントロ 2. devenv setup 3. static analysis misc module analysis (rev) seccomp 4. Vuln: NULL-byte overflow 5. pre-requisites sys_poll…

2022-02-24

【pwn 60.0】Fire of Salvation - CoRCTF2021 (kernel exploit)

kernel exploitation race condition pwn - CoRCTF

keywords kernel exploit / msg_msg / msg_seg / userfault_fd / cred walk / kmalloc-4k / shm_file_data / load_msg 1: TL;DR 2: イントロ 3: static lysithea module overview 4: vulnerability 5: FGKASLR 6: kernel .data leak rough plan to leak data…

You can cite code or comments in my blog as you like basically.
There are some exceptions.
1. When the code belongs to some other license. In that case, follow it.
2. You can't use them for evil purpose.
I don't take any responsibility for using my code or comment.
If you find my blog useful, I'll appreciate if you leave comments.

This website uses Google Analytics.It uses cookies to help the website analyze how you use the site. You can manage the functionality by disabling cookies.