OOO archive --- DEF CON CTF [ login ]

dc2020q - keml pwn kernel

by mike_pizza

This was a jeopardy challenge, part of dc2020q. (CTFtime)

Points: 343
Was solved by: 5 teams
PCAPs: download

You may spawn the server:

On your laptop
  • Install docker
  • docker pull archiveooo/pub:keml (docker-saved download)
  • docker run -d --name keml archiveooo/pub:keml
  • Local IP: docker inspect keml -f '{{ .NetworkSettings.Networks.bridge.IPAddress }}'
  • Connect to that IP:5000 — Remember to docker rm -f when done.
On your laptop (full source)
  • Install docker and pip install PyYAML coloredlogs
  • git clone https://github.com/o-o-overflow/dc2020q-keml-public
  • cd keml
  • ./spawner --log-level=INFO
  • Connect to the ip:port displayed
Hosted by OOO Right now we're asking players to login first.

Description

introducing TOCTOU resistant memory. flag is in /root/flag

line_weight keml.tgz

Hints

None yet :(
If you wish, you can contribute some.

Source

Spoilers ahead! Code for this challenge is publicly available.