1. Overview 2. Component of the nf_tables 2-1. Netlink 2-2. table 2-3. chain 2-4. rule / expr 2-4-1. payload 2-4-2. set_payload 2-4-3. cmp 3. How nf_tables works 3-1. nft_regs 3-2. nft_do_chain 4. Vulnerability 5. Exploit 4-1. Preparation 4-2. Leak Kernel Data 4-3. Kernel ROP 4-3-1. __do_softirq Gadget 4-3-2. modprobe_path 6. Finish 1. Overview nf_tables는 Linux 커널의 하위 시스템 Netfilter에서 동작하는 기능입니다...

1. Overview 2. Vulnerabilty 3. Cross-Cache UAF 4. Dirty Pagetable 4-1. Dirty Pagetable VIA flie UAF 4-2. /dev/dma_heap/system 4-3. Arbitrary Physical Address Read / Write 5. Escaping nsjail 6. Finish Full Write Up https://velog.io/@0range1337/CTF-m0lecon-CTF-final-2023-kEASY-Cross-Cache-UAF-Dirty-Pagetable-Escaping-nsjail [CTF] m0lecon CTF final 2023 - kEASY : Cross-Cache UAF + Dirty Pagetable +..