Guest Lecture by Robert Xiao
Exploiting a Filesystem Driver in a Kernel CTF Challenge
When and Where
You got this information via the mailing list or via other channels.
In this talk, we will dissect the process of exploiting a buggy filesystem driver, by walking through the final part of the SSTIC 2022 CTF challenge. We will cover how to achieve filesystem corruption and ultimately kernel memory corruption, and along the way learn about filesystems and filesystem abstractions in the Linux kernel.
- Download the following archive and extract it: redacted-package.zip
- Install QEMU. Then, you can run the VM using
- You can mount the “goodfs” filesystem using mounter_client mount goodfs n1Q0TRoxE9Y061TTFy6fMoEIVfDOhPfE. It will appear in
- The first goal is to open /mnt/goodfs/private/first_flag, which requires corrupting the goodfs filesystem.
- The second goal is to open /root/final_secret.txt, which requires compromising either the kernel or the
- There will be a remote version with the real flags. The IPs and ports will be published during the talk.