CTF Week Meeting 2022-09-22

Good news

We got rank 10 in the dfjk CTF final round.

For this score, congratulations to @Frankss, @Monad, @GGA, and me. We won ￥10,000 in this game, and a certification & trophy for our score.

In the past wd CTF, we have achieved rank 7 as well.

This is the most famous event which is hosted by Ministry of Public Security. If we won in the semifinal round, we can get the award from them.

Congratulation to @Frankss, @Monad, @GGA. The semifinal round is around 20 days later, offline.

The register due today!!!

https://ctf.bytedance.com/

We need to register on this website, and receive the team invitation.

Now we have 2 teams, all full.

If you are not in either of them, please create a new team, and post the team invitation code in our group.

Welcome everyone!

Our party has been delayed several times, let's find a time to take a break in Hai Di Lao.

Would it's fine this weekend?

Our schedule is set to ByteCTF on this Sunday.

But I also wrote some tutorials about the kernel pwn for you. It's a pleasure to share something about pwning.

In the CTF, pwn is the most challenging part of all aspects. Usually, we divide pwn into 3 parts: stack, heap, and kernel.

We already learned about the stack pwn (bof, rop, and rol). However, about the heap and the kernel, we still need to deal with them.

In the kernel pwn, I would introduce several parts:

After learning about this part, we can try to find some Linux kernel vulnerabilities, just like CVE-2021-3156 or CVE-2021-4034.