
Something about CTF and vulnerability environment, mainly about kernel exploit.


bsauce/CTF


CTF

Something about CTF and vulnerability environment

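  1. dl_resolve_64: The most complete summary of 32-bit/64-bit dlresolve (no address leak needed, executes one_gadget). Constructing dl_resolve on 64-bit without leaking an address. https://xz.aliyun.com/t/5722
  2. stringipc: [Linux kernel exploitation] StringIPC, three methods for going from arbitrary read/write to privilege escalation. A kernel challenge with arbitrary read/write. https://www.jianshu.com/p/07994f8b2bb0
  3. TokyoWesternsCTF2019-gnote: TokyoWesternsCTF-2019-gnote Double-Fetch. A kernel challenge built on a double-fetch.
  4. KrazyNote-Balsn CTF 2019: [Using Linux kernel userfaultfd] BalsnCTF2019-KrazyNote. A kernel challenge with a race condition vulnerability.
  5. STARCTF_2019_hackme: [Summary of call_usermodehelper privilege-escalation path variables]. A kernel challenge with an integer overflow and a race.
  6. ret2dir: [Linux kernel exploitation] The ret2dir exploitation method
  7. kernoob: [Kernel exploitation] Bypassing the CONFIG_SLAB_FREELIST_HARDENED protection. Two solutions to kernoob.
  8. corCTF 2021: [Exploit trick] Using the msg_msg structure in the Linux kernel to achieve arbitrary address read/write
  9. corCTF 2022-cache-of-castaways: [Exploit trick] Cross-cache exploitation targeting the cred structure (corCTF 2022-cache-of-castaways)
  10. corCTF-2022-corjail-poll_list: [Exploit trick] Using poll_list objects to construct a kmalloc-32 arbitrary free (corCTF 2022-CoRJail)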
