Home

Awesome

RWCTF21-VirtualBox-61-escape

0day VirtualBox 6.1 Escape for RealWorld CTF 2020/2021

Demo

Exploit Demo

What?

This is our solution for RealWorld CTF's "Box Escape" challenge from the 2020/2021 quals. Currently a 0day but we'll add the CVE number once there is one. CVE-2021-2119

How does it work?

We wrote a blogpost describing the vulnerabilities and our exploit techniques. You can find it here.

How to protect yourself?

Until the release build of VirtualBox is patched disable SCSI.

Credits

Writing this exploit was a joint effort of a bunch of people.

"A ROP chain a day keeps the doctor away. Immer dran denken, hat mein Opa immer gesagt."

~ Niklas Baumstark (2021)

I had the pleasure of working with this group of talented people over the course of multiple sleepless nights and days during and even after the CTF was already over just to get the exploit working properly on a release build of VirtualBox and to improve stability. This truly shows what a small group of dedicated people is able to achieve in an incredibly short period of time if they put their minds to it! I'd like to thank every single one of you :D