V8 Exploitation


The Quarterly Quiz

Welcome to the 2024 fall Quarterly Quiz, and to the world of browser exploitation! In this set of challenges, you can explore Chromium's JavaScript engine, V8.

In each challenge, a custom patch is introduced to a version of V8, and you're given the patch, the build options, and the d8 binary. d8 is the developer shell of the V8 engine.

Author: sinamhdv


Lectures and Reading

V8 has a number of helpful runtime functions for debugging that can be activated with the --allow-natives-syntax flag. Here is a list of them from V8's source code.

DebugPrint() is particularly useful in inspecting an object's memory layout!


Challenges

Reference the included patch file to exploit the JavaScript engine!

Reference the included patch file to exploit the JavaScript engine!

Reference the included patch file to exploit the JavaScript engine!

Reference the included patch file to exploit the JavaScript engine!

Reference the included patch file to exploit the JavaScript engine!

Reference the included patch file to exploit the JavaScript engine!

Reference the included patch file to exploit the JavaScript engine!

Reference the included patch file to exploit the JavaScript engine!

Reference the included patch file to exploit the JavaScript engine!


30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.
