Skip to main content
Cybersecurity

Table 1 List of CTF pwn programs evaluated with Revery

From: From proof-of-concept to exploitable

 

Name

CTF

Vul type

Crash type

Vio.

Final state

EXP

Rex

Control Flow Hijack

woO2

TU CTF 2016

UAF

heap err

V1

EIP hijack

Y

N

 

woO2 _fixed

TU CTF 2016

UAF

heap err

V1

EIP hijack

Y

N

 

shop 2

ASIS Final 2015

UAF

mem read

V1

EIP hijack

Y

N

 

main

RHme3 CTF 2017

UAF

mem read

V1

mem write

Y

N

 

babyheap

SECUINSIDE 2017

UAF

mem read

V1

mem write

Y

N

 

b00ks

ASIS Quals 2016

Off-by-one

no crash

V1

mem write

Y

N

 

marimo

Codegate 2018

Heap BOF

no crash

V1

mem write

Y

N

 

ezhp

Plaid CTF 2014

Heap BOF

no crash

V1

mem write

Y

N

 

note1

ZCTF 2016

Heap BOF

no crash

V1

mem write

Y

N

Exploit-able State

note2

ZCTF 2016

Heap BOF

no crash

V1

unlink init

N

N

 

note3

ZCTF 2016

Heap BOF

no crash

V1

unlink init

N

N

 

fb

AliCTF 2016

Heap BOF

no crash

V1

unlink init

N

N

 

stkof

HITCON 2014

Heap BOF

no crash

V1

unlink init

N

N

 

simple note

Tokyo Westerns 2017

Off-by-one

no crash

V1

unlink init

N

N

Failed

childheap

SECUINSIDE 2017

Double Free

heap err

V1

-

N

N

 

CarMarket

ASIS Finals 2016

Off-by-one

no crash

V1

-

N

N

 

SimpleMemoPad

CODEBLUE 2017

Heap BOF

no crash

-

-

N

N

 

LFA

34c3 2017

Heap BOF

no crash

-

-

N

N

 

Recurse

33c3 2016

UAF

no crash

-

-

N

N

  1. Out of 19 applications, Revery could generate exploits for 9 of them, and generate EXP inputs to trigger exploitable state for another 5 of them, and failed for the rest 5
Back to article page