Summerschool Aachen 2005/Challenges

From C4 Wiki
< Summerschool Aachen 2005
Revision as of 11:39, 25 September 2005 by 80.137.133.194 (talk) (Challenges in Progress)
Jump to: navigation, search

Open Challenges

Challenges in Progress

  • Daniel & Yves - glibc 2.3.5 look at how to exploit heap-based overflows (avoiding the checks)
  • Typo & Ilja - 0wn putty
    • Update: We found some exploitable bugs. --Typo 18:10, 20 Sep 2005 (CEST)
  • Christian feat. Max - verBOTen - a bot that mirrors only that stuff that is protected by robots.txt
  • Max feat. Christian: /SSL fingerprinting
  • Max: RSS fuzzer
  • Chris - Fake driver to replace Apple's IOI2CMotionSensor for further reverse engineering of the motion sensor driver
  • Lorenzo
    • Pick Ilja's challenges up (didn't look at labsession.pdf yet; it should contain more challenges)
    • Just started a glibc function fuzzer (even if I guess it will take long time, tho :-)
    • "Genetic exploit" [to try] to fight against real address space layout randomization. Is it feasible/worth working on? I don't know yet :-) (I'm just starting to think about it; lot of hypotheses and scenario. main issues: fitness function, little knowledge about genetic algorithms :-\)

Finished Challanges

  • Max: Exif_Thumb finish last years project - done see [1] [2]