Our teammate Suto has just pwned V8 JavaScript engine on Google's V8CTF version M120 using a 0-day exploit.

Additionally, last year our teammate Bien 🇻🇳 also pwned Linux kernel on kernelCTF with a 0-day, that has been fixed and assigned CVE-2023-4244. So far, we have successfully pwned 2/3 liveCTF hosted by Google. We are going to aim for kvmCTF in the future.

I successfully exploited #V8ctf using CVE-2024-0517, writeup and exploit will be published later. chromereleases.googleblog.com/2024/01/stable…

CVE-2024-0517 - Chrome V8 maglev compiler optimization RCE vulnerability, has been derestricted (along with exploit code). This was reported by our teammate Suto issues.chromium.org/issues/41488920

hey #googlectf folks please give us a v8 sbx challenge so we can make our recent submitted 0day useful one last time

After CVE-2024-0223, we reported the bypass and it was assigned CVE-2024-3516: issues.chromium.org/issues/3288591… Months later, someone else reported another variant and Google decided to give up and allow Chrome's GPU to crash instead of fixing the issue.