GoogleCTF 2018 Qual PWN EXECVE-Sandbox Write-up

Introduction

After my tutorial on seccomp, thanks for Google CTF for providing such good challenges to learn something new about seccomp escape. Since I was unable to play in Google CTF in time. I think it is necessary to record the challenges.
This post will give the write-up for the execve-sandbox in GoogleCTF. And my write-up is based on [1] and [2]. Continue reading “GoogleCTF 2018 Qual PWN EXECVE-Sandbox Write-up”

Counterfeit Object-oriented Programming

Introduction

This paper was published in Oakland 2015. In this paper, the author introduced COOP (Conterfeit Object Oriented Programming) to bypass the virtual table integrity check and coarse-grained CFI. In COOP, it takes a whole virtual function in C++ code as a gadget to launch the attack. Since the state-of-art CFI does not have a deep knowledge of the semantics of the binary code in C++ and the state-of-art vtable enforcement does not take vtable reuse attack into consideration, COOP attack is hard to be distinguished from benign execution of the program.
Continue reading “Counterfeit Object-oriented Programming”