bug-hunting-101

January 21, 2022 ยท View on GitHub

What is this?

This repository is to help new-comers (like ourselves) of binary bug hunting area to improve their skills.

Currently, the gap between CTF and real world bug hunting can be quite huge. And this repository is our attempt to solve that problem by porting the real world bug hunting to small exercises.

CVEs are selected out and setup in a certain scene, your goal is to repeat the process of finding such vulnerabilities out.

Intro

We have prepared 3 levels. Each level provides excersises with different difficulties:

  • Level 1: Details of the CVEs are provided to help you from "re-discovering" the original vulnerability. Reports like this are provided. So this should be the easiest level.
  • Level 2: the details will be emitted. But to narrow down, information about which part of the project contains such vulnerability will be provided. For example, if the bug is about ANGEL (module of the Chromium project), the information about the file will be provided. Most of the time, the path to the patch file should help that.
  • Level 3: quite like level 2, but need PoC and exploit (optional)

LEVEL 1

Exercise No.CVEsTarget
LEVEl_1/exercise_1CVE-2020-6542Chrome WebGL
LEVEl_1/exercise_2CVE-2020-6463Chrome ANGLE
LEVEl_1/exercise_3CVE-2020-16005ANGLE
LEVEl_1/exercise_4CVE-2021-21204Chrome Blink
LEVEl_1/exercise_5CVE-2021-21203Blink
LEVEl_1/exercise_6CVE-2021-21188Blink
LEVEl_1/exercise_7CVE-2021-30565V8 GC

LEVEL 2

Exercise No.CVEsTarget
LEVEL_2/exercise_1CVE-2021-21128Blink
LEVEL_2/exercise_2CVE-2021-21122Blink
LEVEL_2/exercise_3CVE-2021-21112Blink
LEVEL_2/exercise_4CVE-2021-30565Chrome Tab
LEVEL_2/exercise_5CVE-2021-21159Tab
LEVEL_2/exercise_6CVE-2021-21190Chrome pdfium
LEVEL_2/exercise_7CVE-2020-6422Blink

LEVEL 3

Exercise No.CVEsTarget
LEVEl_3/exercise_1CVE-2021-21226navigation_predictor
LEVEl_3/exercise_2CVE-2021-21224V8
LEVEl_3/exercise_3CVE-2021-21223mojo
LEVEl_3/exercise_4CVE-2021-21207IndexDB
LEVEl_3/exercise_5CVE-2021-21202extensions
LEVEl_3/exercise_6CVE-2021-21198IPC
LEVEl_3/exercise_7CVE-2021-21155Tab

Original Author

How to contribute

Writing your exercise follow this format.