At UIUCTF 2023, I played with Project Sekai CTF team. We achieved 3rd place overall. Below is my writeup for some pwn challenges in the CTF. Zapping a Setuid 1 I was reading how Zapps work the other day and I thought I could do better. However, what happens when a setuid was zapped? Hint: Oops I left CVE-2009-0876 open. Looking around the VM, we saw a directory with a setuid binary named exe: uiuctf-2023:~/zapps/build$ ls -la total 2456 drwxr-xr-x 1 root root 76 Jun 19 18:12 . drwxr-xr-x 1 ro...
