System Exploitation

CSE 466 - Fall 2023

Our world is built on a foundation of sand. You have seen the insecurities with individual programs. Consider that these programs, in turn, are pressed together into complex systems. Humanity tries its best, but the parts of systems do not fit perfectly, and gaps of insecurity abound within the seams. Hackers know the art of sneaking through these gaps, and now, you have reached the point of your journey where you shall develop this art as well. Push through, and join us on the other side.

Note: This module is the "final exam" of the CSE466 Fall 2023 course. This is the final boss module to obtain the green belt ranking! You have the knowledge, there are no additional lecture videos. Good Luck!

Challenges

Take advantage of yan85.. in the kernel!

Defeat yan85's seccomp implementation.

Introducing... multiple ypus!

Exploit a userland binary with mutexes.

Exploit the userland binary to run multiple ypus.

Circumvent yan85's output sanitization.

Circumvent yan85's output sanitization with KASLR.

Module Ranking

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

Week | Month | All Time

Rank		Hacker	Badges		Score

System Exploitation

CSE 466 - Fall 2023

Challenges

level1.0

level1.1

level2.0

level2.1

level3.0

level3.1

level4.0

level4.1

level5.0

level5.1

level6.0

level6.1

level7.0

level7.1

level8.0

level8.1

Module Ranking

System Exploitation

CSE 466 - Fall 2023

Challenges

level1.0 69 solves

level1.0

level1.1 64 solves

level1.1

level2.0 60 solves

level2.0

level2.1 57 solves

level2.1

level3.0 48 solves

level3.0

level3.1 44 solves

level3.1

level4.0 43 solves

level4.0

level4.1 42 solves

level4.1

level5.0 39 solves

level5.0

level5.1 39 solves

level5.1

level6.0 38 solves

level6.0

level6.1 38 solves

level6.1

level7.0 37 solves

level7.0

level7.1 36 solves

level7.1

level8.0 36 solves

level8.0

level8.1 36 solves

level8.1

Module Ranking