System Exploitation


CSE 466 - Fall 2023

Our world is built on a foundation of sand. You have seen the insecurities with individual programs. Consider that these programs, in turn, are pressed together into complex systems. Humanity tries its best, but the parts of systems do not fit perfectly, and gaps of insecurity abound within the seams. Hackers know the art of sneaking through these gaps, and now, you have reached the point of your journey where you shall develop this art as well. Push through, and join us on the other side.

Note: This module is the "final exam" of the CSE466 Fall 2023 course. This is the final boss module to obtain the green belt ranking! You have the knowledge, there are no additional lecture videos. Good Luck!


Challenges

Take advantage of yan85.. in the kernel!

Take advantage of yan85.. in the kernel!

Defeat yan85's seccomp implementation.

Defeat yan85's seccomp implementation.

Introducing... multiple ypus!

Introducing... multiple ypus!

Exploit a userland binary with mutexes.

Exploit a userland binary with mutexes.

Exploit the userland binary to run multiple ypus.

Exploit the userland binary to run multiple ypus.

Exploit the userland binary to run multiple ypus.

Exploit the userland binary to run multiple ypus.

Circumvent yan85's output sanitization.

Circumvent yan85's output sanitization.

Circumvent yan85's output sanitization with KASLR.

Circumvent yan85's output sanitization with KASLR.


30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

Rank Hacker Badges Score