V8 Exploitation

The Quarterly Quiz

Welcome to the 2024 fall Quarterly Quiz, and to the world of browser exploitation! In this set of challenges, you can explore Chromium's Javascript engine, V8.

In each challenge, a custom patch is introduced to a version of v8, and you're given the patch, build options, as well as the d8 binary. d8 is the developer shell of the v8 engine.

Author: sinamhdv

Lectures and Reading

V8 has a number of helpful runtime functions for debugging that can be activated with the --allow-natives-syntax flag. Here is a list of them from V8's source code.

DebugPrint() is particularly useful in inspecting an object's memory layout!

Challenges

Reference the included patch file to exploit the javascript engine!

30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

7-Day | 30-Day | All-Time

Rank		Hacker	Badges		Score

V8 Exploitation

The Quarterly Quiz

Lectures and Reading

Reference Material

Hints

Challenges

level1

level2

level3

level4

level5

level6

level7

level8

level9

30-Day Scoreboard:

V8 Exploitation

The Quarterly Quiz

Lectures and Reading

Reference Material

Reference Material

Hints

Hints

Challenges

level1 56 solves

level1

level2 38 solves

level2

level3 28 solves

level3

level4 26 solves

level4

level5 25 solves

level5

level6 19 solves

level6

level7 20 solves

level7

level8 15 solves

level8

level9 18 solves

level9

30-Day Scoreboard: