Challenge List for Practicing

Feel free to practice by following the order (or any order).

• 2021 VULNCON - IPS: Heap Address Leaking cross kmem-cache
• 2021 VULNCON - IPS: FreeList Hijacking
• 2021 VULNCON - IPS: Cross-Page Overwriting, Simple Page Level Heap Fengshui
• 2021 CorCTF - Wall of Perdition: UAF2Leak, RetSpill, FG-KASLR bypassing
• 2024 DownUnderCTF - Faulty Kernel: Page Struct, pipe_buffer, Cross Cache, Data Follow attacking(/etc/passwd)
• 2024 CrewCTF - kUlele: Cross Cache from Page allocation to Slub
• 2022 corCTF - Cache of Castaways: Limit Heap Overflow, Limit Spray Fengshui Crafting, Cred Spray
• 2022 corCTF - Cache of Castaways: pipe_buffer AAR/AAW
• 2023 corCTF - Sysruption: sysret, iret, tcp_prot, and micro-arch.
  • (Prerequisite)cve-2022-4543: Entry Bleed
• 2023 HITCON - Wall-Rose: pipe_buffer AAR/AAW
• 2022 corCTF - CorJail: pipe_buffer AAR/AAW, Docker Escaping

Reproduced CVEs:

I reproduced these kernel CVEs but have not published write-ups:

• KCTF - cve-2023-4623
• KCTF - cve-2023-31436
• KCTF - cve-2023-3611

Challenges without Write-Up

I solved these kernel challenges but have not published write-ups:

• pwn.college - Kylebotfs: Intro of Kernel Heap
• pwn.college - Kernel Exploitation: Intro of FBS
• 2024 idekCTF- Dead Pwners Socity: Race Condition, CFI, AAF, Fengshui, FUSE

Obsolete

These challenges/skills are old/simple/obsolete. Practice if you like:

• 2021 QWB - notebook: Race Condition, userfaultfd
• 2021 asisCTF minimemo (Heap Overflow / Link Related Attack)