Closed ConnorNelson closed 2 years ago
It may be helpful to document what the "Global Dojo" 's config is; as of this post it is:
- name: Introduction
permalink: introduction
lectures:
- name: "Introduction: What is Computer Systems Security"
video: bJTThdqui0g
playlist: PL-ymxv0nOtqrxUaIefx0qEC7_155oPEb7
slides: 1YlTxeZg03P234EgG4E4JNGcit6LZovAxfYGL1YSLwfc
- name: Program Interaction
permalink: interaction
challenges:
- category: embryoio
deadline: 2021-08-31 23:00:00
late: 0.75
lectures:
- name: "Program Interaction: Linux Command Line"
video: w7nQFk6bi_k
playlist: PL-ymxv0nOtqqQ4NR1JnbWoHNm0Q8EspO1
slides: 1aiHdtSm8xoT0u2XcTo3qYGes5GY__-PK-FlVyNBQAfY
- name: "Program Interaction: Binary Files"
video: nKqFeYJ483U
playlist: PL-ymxv0nOtqqQ4NR1JnbWoHNm0Q8EspO1
slides: 1wrX8tvwaxIEk5hx4OtQmPqps-MScIaDO-9bTKQqr8vI
- name: "Program Interaction: Linux Process Loading"
video: kUMCAzSOY-o
playlist: PL-ymxv0nOtqqQ4NR1JnbWoHNm0Q8EspO1
slides: 1TwM5WLWnTqrNkpXjGKkaXYbKZEpatEQYA7ckBVXAOhs
- name: "Program Interaction: Linux Process Execution"
video: Vtb5wIlthRg
playlist: PL-ymxv0nOtqqQ4NR1JnbWoHNm0Q8EspO1
slides: 1ezY9Q8I0tzDD-7ZDXMbQM5RQ7z1dvB9-U_nDEhc6qdE
- name: Program Misuse
permalink: misuse
challenges:
- category: babysuid
deadline: 2021-08-31 23:00:00
late: 0.5
lectures:
- name: "Program Misuse: Privilege Escalation"
video: ZWxYWdiXqD8
playlist: PL-ymxv0nOtqoaG9YCGR36tCfRoXqVcE1E
slides: 1EB7dL5gx3pQlPDqZSEqTtlDiJRZmHGbqRnwxgm4feuw
- name: "Program Misuse: Mitigations"
video: kzbyvr_PJ9k
playlist: PL-ymxv0nOtqoaG9YCGR36tCfRoXqVcE1E
slides: 1pvWd6n4UN3lZ1BdRySWDl80iEYGRJj9VC5exbYlGdAg
- name: Assembly Refresher
permalink: asm
challenges:
- category: embryoasm
deadline: 2021-09-07 23:00:00
late: 0.5
lectures:
- name: "Assembly Refresher: Computer Architecture"
video: 9jc0eSnrzF4
playlist: PL-ymxv0nOtqp88cekzw40aqV0WOw-WYer
slides: 1sVyPL92gbzg_it9aIeC-CjXtF2tpvAmZTKjWc-SlU0c
- name: "Assembly Refresher: Assembly"
video: ImdnOGNZflU
playlist: PL-ymxv0nOtqp88cekzw40aqV0WOw-WYer
slides: 1pN0nuhQIhn92QBitMznFNSRABDkMtbUW4MEJBYFwtwM
- name: Shellcode Injection
permalink: shellcode
challenges:
- category: babyshell
deadline: 2021-09-09 23:00:00
late: 0.5
lectures:
- name: "Shellcode Injection: Introduction"
video: 715v_-YnpT8
playlist: PL-ymxv0nOtqomtHqMqqgpuvWdVSs9NCBK
slides: 1kkfh-dhgxfIZPB1ziyW2JQiC1MbQWn8c7e24kOoDxJ4
- name: "Shellcode Injection: Common Challenges"
video: i1jXV8W-CYQ
playlist: PL-ymxv0nOtqomtHqMqqgpuvWdVSs9NCBK
slides: 1BHsKKkodMLXcHyqJCU0wDgexQ8jHEEiAU9Uq_Z9mibY
- name: "Shellcode Injection: Data Execution Prevention"
video: GH4NBLtPmyo
playlist: PL-ymxv0nOtqomtHqMqqgpuvWdVSs9NCBK
slides: 1tH6jbnpX2_T5ZeDzZBfpLZ-ngpIZp3g25PPQaTr52JU
- name: Sandboxing
permalink: sandbox
challenges:
- category: babyjail
deadline: 2021-09-16 23:00:00
late: 0.5
lectures:
- name: "Sandboxing: Introduction"
video: Ide_eg-eQZ0
playlist: PL-ymxv0nOtqoxTT-GIMLKt_i4zPKi2HlI
slides: 1TpMjTimroiC3Jm0dsteHWEUw06yZ5Oh7iM8YBmbOUkI
- name: "Sandboxing: chroot"
video: C81lO7pG5aA
playlist: PL-ymxv0nOtqoxTT-GIMLKt_i4zPKi2HlI
slides: 1AWl9Gko_L1kDLBtrTFB3EohQU4vQjykpQE5dm9uxYi0
- name: "Sandboxing: seccomp"
video: hrT1xvxGKS4
playlist: PL-ymxv0nOtqoxTT-GIMLKt_i4zPKi2HlI
slides: 1jOTktFSo-TwQklYdsOyC3f-2ba8XuJA8ZFWHjMQyQVI
- name: "Sandboxing: Escaping seccomp"
video: h1L9mF6PHlQ
playlist: PL-ymxv0nOtqoxTT-GIMLKt_i4zPKi2HlI
slides: 1tkBhW2JG-_jRaRDwSpuUYdT-Dg-odtZTdqanQu8vqow
- name: Debugging Refresher
permalink: gdb
challenges:
- category: embryogdb
deadline: 2021-09-28 23:00:00
late: 0.5
- name: Reverse Engineering
permalink: reversing
challenges:
- category: babyrev
deadline: 2021-09-30 23:00:00
late: 0.5
lectures:
- name: "Reverse Engineering: Introduction"
video: ClVocVk1c5g
playlist: PL-ymxv0nOtqrGVyPIpJeostmi7zW5JS5l
slides: 1hw_STBTJh4xqMv4TZAPRqt2rYIEAXXaCQlaBetxUufU
- name: "Reverse Engineering: Functions and Frames"
video: 3IdeyjrMBA4
playlist: PL-ymxv0nOtqrGVyPIpJeostmi7zW5JS5l
slides: 125gIw6rNKvwa-1DO6j3HTWbWtr2q3xD2coTCb0CgmAw
- name: "Reverse Engineering: Data Access"
video: AtVprTb5xBs
playlist: PL-ymxv0nOtqrGVyPIpJeostmi7zW5JS5l
slides: 154CQfQtpleaAQv9xNI1FVosbXc_18VZvXVpcs9Ljzzo
- name: "Reverse Engineering: Static Tools"
video: ls4Eoew6aSY
playlist: PL-ymxv0nOtqrGVyPIpJeostmi7zW5JS5l
slides: 1GcRLX3-cD9eLweEixmBPfawY7viOQWApG7E_HFfqHQQ
- name: "Reverse Engineering: Dynamic Tools"
video: HcBordv7aWU
playlist: PL-ymxv0nOtqrGVyPIpJeostmi7zW5JS5l
slides: 13yzjaRTIlloV8Lg5fcQN2ZYXooVqizLgHVby1ltYeWY
- name: "Reverse Engineering: Real-world Applications"
video: 2pqvHSy11JE
playlist: PL-ymxv0nOtqrGVyPIpJeostmi7zW5JS5l
slides: 1HWiy6OzvPO8YhgTPOsALobh9LagZsJ3Jsx7DJFLAKn4
- name: Memory Errors
permalink: memory
challenges:
- category: babymem
deadline: 2021-10-07 23:00:00
late: 0.5
lectures:
- name: "Memory Errors: Introduction"
video: z_XOhfsVKnU
playlist: PL-ymxv0nOtqpmHdeii3NsBurJSvuMTKLL
slides: 10cq3gCAvYjh_fzqiLLc1hCyqchux7x8pcskk6xGdVL8
- name: "Memory Errors: High-level Problems"
video: 4PJvcZZIyT8
playlist: PL-ymxv0nOtqpmHdeii3NsBurJSvuMTKLL
slides: 1umxk_Gq_yGeCcBEz9toQ6Wil8G1bmK3NdrkFITadPhs
- name: "Memory Errors: Smashing the Stack"
video: PVx1hUlMxtQ
playlist: PL-ymxv0nOtqpmHdeii3NsBurJSvuMTKLL
slides: 1_Zs7s7O_VqXd8prv0GIjUT993qL3KgjVby8qC0Ixs_w
- name: "Memory Errors: Causes of Corruption 1"
video: u80_j06HkpM
playlist: PL-ymxv0nOtqpmHdeii3NsBurJSvuMTKLL
slides: 1N5ybP1-SyU-PbQKMBRfFdNntbLPCOkROOybf_ZYBBBI
- name: "Memory Errors: Causes of Corruption 2"
video: fVa2xahshik
playlist: PL-ymxv0nOtqpmHdeii3NsBurJSvuMTKLL
slides: 1N5ybP1-SyU-PbQKMBRfFdNntbLPCOkROOybf_ZYBBBI
- name: "Memory Errors: Stack Canaries"
video: 55zWlEFflgE
playlist: PL-ymxv0nOtqpmHdeii3NsBurJSvuMTKLL
slides: 19bO811-RSjez-E8zGMJYvUwFi5jW-vRTv19z1g8ZT3I
- name: "Memory Errors: ASLR"
video: SBqERAbDdAk
playlist: PL-ymxv0nOtqpmHdeii3NsBurJSvuMTKLL
slides: 1EOUvQsDsk5eg1Ysq9Us-CnLgCOP5IRIR8P6FThBVeGo
- name: "Memory Errors: Causes of Disclosure"
video: S9IIGVK6K0I
playlist: PL-ymxv0nOtqpmHdeii3NsBurJSvuMTKLL
slides: 1Qonbh98U_s3aN9Ut0dgdHFnm_ymb9e2yUqT6bkY4FbU
- name: Exploitation Scenarios
permalink: exploitation
challenges:
- category: toddlerone
deadline: 2021-10-21 23:00:00
late: 0.5
lectures:
- name: "Exploitation Scenarios: Introduction"
video: A5CnZGst5u4
playlist: PL-ymxv0nOtqp4FnPpSp-o-R196pYwF3QI
slides: 1__cUrVerXgj8xhUbDoeT59vavO_BI1ah3F8a4yNTE40
- name: "Exploitation Scenarios: Hijacking to Shellcode"
video: lsY2g09Hjr0
playlist: PL-ymxv0nOtqp4FnPpSp-o-R196pYwF3QI
slides: 15Ad42MRjETONK3hPp4cOhYWMqHL8ynoxJtXiawR4ro8
- name: "Exploitation Scenarios: Side Effects"
video: AwhN_7YNVLo
playlist: PL-ymxv0nOtqp4FnPpSp-o-R196pYwF3QI
slides: 16fwwUjDuGtIRv1p6sGtJZGTEkEXBRCD1Eb4YIEcIufo
- name: "Exploitation Scenarios: JIT Spray"
video: RHPxiRBapA4
playlist: PL-ymxv0nOtqp4FnPpSp-o-R196pYwF3QI
slides: 1eO49S6JFknXGD5VPv2OeoAuBRp-Ab4HqaQ_mxZXmn14
- name: Return Oriented Programming
permalink: rop
challenges:
- category: babyrop
deadline: 2021-11-02 23:00:00
late: 0.5
lectures:
- name: "Return Oriented Programming: Introduction"
video: El8-vMDJ1zY
playlist: PL-ymxv0nOtqo0fRmVHxeOoKHX6ncNWp06
slides: 1OM8gd6oqiFl2tU6G-ydiCfkNhgUTNKDFoYz-g2IIwHg
- name: "Return Oriented Programming: Binary Lego"
video: L0gzNhbnOUA
playlist: PL-ymxv0nOtqo0fRmVHxeOoKHX6ncNWp06
slides: 1axSooHyjCJulwGNrhYM2GyjWJBSxTAg9Ia9Jpw9gW6s
- name: "Return Oriented Programming: Techniques"
video: OVkObKS0gOo
playlist: PL-ymxv0nOtqo0fRmVHxeOoKHX6ncNWp06
slides: 1x7PASDmpjPDXvkD9HmZ2wC2JJNT8lHCkZTYcDQ9CjAk
- name: "Return Oriented Programming: Complications"
video: Iq2IFCKDpKc
playlist: PL-ymxv0nOtqo0fRmVHxeOoKHX6ncNWp06
slides: 12_ymnKrYPUD1rJz6tauS2oNw45eWivhYMWfUzsnOeHM
- name: Dynamic Allocator Misuse
permalink: heap
challenges:
- category: babyheap
deadline: 2021-11-09 23:00:00
late: 0.5
lectures:
- name: "Dynamic Allocator Misuse: What is the Heap?"
video: coAJ4KyrWmY
playlist: PL-ymxv0nOtqr4OchXR2rV_WNhpj4ccPq1
slides: 16XMoNQQB_jP0odRvQFhgMi3Neo9VR0g1jBvBXKYBnh0
- name: "Dynamic Allocator Misuse: Dangers"
video: Cr9IeGQxFoc
playlist: PL-ymxv0nOtqr4OchXR2rV_WNhpj4ccPq1
slides: 1T5XruKzTxlpslT50op_wxvFsnsa4gshIM0Tue1f8zc4
- name: "Dynamic Allocator Misuse: tcache"
video: 0jHtqqdVv1Y
playlist: PL-ymxv0nOtqr4OchXR2rV_WNhpj4ccPq1
slides: 13NbUlNvj1Rm-Cc_E_Crp678c-mgzCi0BYfzXIzFB3zI
- name: "Dynamic Allocator Misuse: Chunks and Metadata"
video: osFevdDR0Xw
playlist: PL-ymxv0nOtqr4OchXR2rV_WNhpj4ccPq1
slides: 1BlapIDslDaWeBPUamdG0i35-yveGvWJHZaW_0dan6sU
- name: "Dynamic Allocator Misuse: Metadata Corruption"
video: PtpPcGcX020
playlist: PL-ymxv0nOtqr4OchXR2rV_WNhpj4ccPq1
slides: 14SYq0TTVxEGWHNUG1BP66A8liPDD2pqJUs2WrXlCZNE
- name: Race Conditions
permalink: race
challenges:
- category: babyrace
deadline: 2021-11-16 23:00:00
late: 0.5
lectures:
- name: "Race Conditions: Introduction"
video: jXQ8Y5B2sc0
playlist: PL-ymxv0nOtqq2SWDP1K1pXCpT6nkmyiXh
slides: 1cwaI8mwYBAj_GBrDqfCHM4_ansWHlkT5tBIFo8zJqsI
- name: "Race Conditions: Races in the Filesystem"
video: dpsWLu8jxBg
playlist: PL-ymxv0nOtqq2SWDP1K1pXCpT6nkmyiXh
slides: 1aMSJoBqDIY0cYwFwEa4uq4mzjScGzZDFbmkvVcrbF-4
- name: "Race Conditions: Processes and Threads"
video: _hDP1wZKkaI
playlist: PL-ymxv0nOtqq2SWDP1K1pXCpT6nkmyiXh
slides: 11Fq9HwG6yYB9fkEJ-ZJ4kHbu-hL4WizAiUoX9prPN8Y
- name: "Race Conditions: Races in Memory"
video: jNIgU4kI6wY
playlist: PL-ymxv0nOtqq2SWDP1K1pXCpT6nkmyiXh
slides: 1u-aSz-mqwkMIZEDAR-AEPKw5JPn-1q_3Ek_C6JjQUzY
- name: "Race Conditions: Signals and Reentrancy"
video: bPWQFhsUkbs
playlist: PL-ymxv0nOtqq2SWDP1K1pXCpT6nkmyiXh
slides: 1LOmzo79U_QmdggdfQwDej47886iqHIPDGXpl506_SYY
- name: Kernel Security
permalink: kernel
challenges:
- category: babykernel
deadline: 2021-11-23 23:00:00
late: 0.5
lectures:
- name: "Kernel: Introduction"
video: j0I2AakUAxk
playlist: PL-ymxv0nOtqowTpJEW4XTiGQYx6iwa6og
slides: 1oUaPUtLIDEMcK49gwvEMmXTyMBVQAeCWvSONV3OkIio
- name: "Kernel: Environment Setup"
video: mDn5IxMetgQ
playlist: PL-ymxv0nOtqowTpJEW4XTiGQYx6iwa6og
slides: 1Ik7EWjn_9ywzCW3MpJJ0eVdIvhIMP6brObBQQDtYDCo
- name: "Kernel: Kernel Modules"
video: DLWBWeN2ebM
playlist: PL-ymxv0nOtqowTpJEW4XTiGQYx6iwa6og
slides: 1JP1VBpK-kapHanMT4rAF9UtGglId_ZXD2Xh46gPQZFM
- name: "Kernel: Privilege Escalation"
video: 8ty-IFWvuHM
playlist: PL-ymxv0nOtqowTpJEW4XTiGQYx6iwa6og
slides: 1tcR4YsVhN2kVUfe8RJw56dtSs-QOwp4-g8qgI0Q3kFM
- name: "Kernel: Escaping Seccomp"
video: mKzUA3j6myg
playlist: PL-ymxv0nOtqowTpJEW4XTiGQYx6iwa6og
slides: 1YMlOERClX6Yi8Fb9DYxBBJ5MYB1C-_F75XKkoSmbl8k
- name: "Kernel Security: Memory Management"
video: SygLhZUTmKQ
playlist: PL-ymxv0nOtqowTpJEW4XTiGQYx6iwa6og
slides: 1NuvKHcszim25_kNBs5zjYEQYR8xjsLHK14GX8_9wFbE
- name: "Kernel Security: Mitigations"
video: 8nWw8jlQnew
playlist: PL-ymxv0nOtqowTpJEW4XTiGQYx6iwa6og
slides: 1DNxufs_WlQRkzBMjPD7UE1qRrd87XDGpfQSPkiajEyE
- name: "Kernel Security: Writing Kernel Shellcode"
video: L9dJNJDIa5M
playlist: PL-ymxv0nOtqowTpJEW4XTiGQYx6iwa6og
slides: 10Wr3Lj08N-MNZkrk_0WwSG2QgnbLB4cqJsZpNjKj8pI
- name: Advanced Exploitation
permalink: exploitation2
challenges:
- category: toddlertwo
lectures:
- name: "Advanced Exploitation: Introduction"
video: s7DCT9qccYc
playlist: PL-ymxv0nOtqoeZ2n5AcYjv-CzJ64V4Yyu
slides: 1uHpo78FQVv8RaPe0IVUMXRBouBau6j4JFgx3_1-_wIw
- name: "Advanced Exploitation: Heap Address Disclosure via Race Conditions"
video: LFlsuBF-s7g
playlist: PL-ymxv0nOtqoeZ2n5AcYjv-CzJ64V4Yyu
slides: 1Nh47gCskB3Cr1d6Yr1Q8RWwt2p8DlHvJbwgSs-3m4kA
- name: "Advanced Exploitation: In-Memory Forensics"
video: WElEwa1pXCw
playlist: PL-ymxv0nOtqoeZ2n5AcYjv-CzJ64V4Yyu
slides: 1UY3GniieKBiphekH_RmkghYdm5M5DBNklHCxfN2S62A
- name: "Advanced Exploitation: Exploit Primitives"
video: PY9fNJel-X8
playlist: PL-ymxv0nOtqoeZ2n5AcYjv-CzJ64V4Yyu
slides: 1fMVQqCeNioayny-oUd3uYFNzkyHDz3u-B8f_JiJtf6Y
- name: "Advanced Exploitation: End-to-End Pwnage"
video: okLF1WnbV4M
playlist: PL-ymxv0nOtqoeZ2n5AcYjv-CzJ64V4Yyu
slides: 1Q6ZjNq7VeU08Tba5uWkgJy6IMH5sDT8jCW1d8vmau4M
- name: "Advanced Exploitation: Kernel Races"
video: hpON-ojRks4
playlist: PL-ymxv0nOtqoeZ2n5AcYjv-CzJ64V4Yyu
slides: 16MN3BneO7l16SX_cpvTYlV25nfdRuqfRIRQvV-iURa0
We want to support private dojos hosted within a dojo. This makes it significantly easier to create a private instance, without needing to spin up a fully isolated instance on its own server, managing upgrades, mirroring changes, etc. Of course, we still want the dojo to be fully open source to allow people to spin up their own instances with arbitrary modifications if they want to.
This is how it will work. Within the settings, users will be able to enter/join/initialize private dojos.
A user may have one private dojo associated with their account (if for some reason they need more, for now they will need to create additional accounts). They can set a name for the private dojo, and upon initializing, a unique code will be generated.
Users may join a private dojo with the unique code.
From there, users may arbitrarily "enter" the private dojos they have joined, as well as the global dojo. The currently "entered" dojo will impact the scoreboard that they see, as well as the modules/challenges.
Tasks