Tags: assembly seccomp sandbox pwn
Rating: 5.0
- we can upload assembly code wich gets executed
- seccomp filters prevent us from using most syscalls
- overwrite libc symbols in the assembly to bypass seccomp
- leak the remote binary and libc
- let the assembly code jump to a magic gadget to get a shell
For a detailed description, follow the link :D
