Sandboxing


Archive F2021

Lectures and Reading






Challenges

Escape a basic chroot sandbox!

Escape a basic chroot sandbox by utilizing shellcode.

Escape a chroot sandbox with shellcode.

Escape a chroot sandbox using shellcode, but this time only using the following syscalls: ["openat", "read", "write", "sendfile"]

Escape a chroot sandbox using shellcode, but this time only using the following syscalls: ["linkat", "open", "read", "write", "sendfile"]

Escape a chroot sandbox using shellcode, but this time only using the following syscalls: ["fchdir", "open", "read", "write", "sendfile"]

Escape a chroot sandbox using shellcode, but this time only using the following syscalls: ["chdir", "chroot", "mkdir", "open", "read", "write", "sendfile"]

Escape a chroot sandbox using shellcode, but this time only using the following syscalls: ["openat", "read", "write", "sendfile"]

Escape a chroot sandbox using shellcode, but this time only using the following syscalls: ["close", "stat", "fstat", "lstat"]

Escape a chroot sandbox using shellcode, but this time only using the following syscalls: ["read", "exit"]. Note that "write" is disabled! You will need a creative way of extracting the flag data from your process!

Escape a chroot sandbox using shellcode, but this time only using the following syscalls: ["read", "nanosleep"]. Note that "write" is disabled! You will need a creative way of extracting the flag data from your process!

Escape a chroot sandbox using shellcode, but this time only using the following syscalls: ["read"]. Note that "write" is disabled! You will need a creative way of extracting the flag data from your process!

Escape a different kind of sandbox in which a jailed child process is only communicable to from a parent process.


Module Ranking

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

Rank Hacker Score