Informational Repository tracking times that real world bugs have come out of CTF challenges intentionally or otherwise
-
CVE-2016-5007
-
CVE-2020-6512 (unconfirmed CTF background)
-
CVE-2020-27348
-
CVE-2020-27348
-
CVE-2012-1823
-
Bunyan's Revenge
-
Lollerska8ters FreeBSD 0day
- http://dubai2013.honeynet.org/briefings.html#talk8
- Brought for extra pwnage during AD CTF
-
Pirate Danbi
-
Several from Google CTF 2019:
- Gomium Browser
- https://github.com/google/google-ctf/blob/master/2019/finals/solutions.pdf
- CVE-2019-18276
- https://nvd.nist.gov/vuln/detail/CVE-2019-18276
- https://github.com/google/google-ctf/blob/master/2019/finals/solutions.pdf
- gPhotos2
- https://blog.bushwhackers.ru/googlectf-2019-gphotos-writeup/
- (unintended, used different than expected image magick vulns!)
- intended, but also real-world imagemagick 0day: https://blog.kaibro.tw/2019/11/05/Google-CTF-2019-Final-%E9%81%8A%E8%A8%98/
-
35C3 CTF Entire category of 0day challenges (zajebiste).
- https://archive.aachen.ccc.de/35c3ctf.ccc.ac/challenges/index.html
- But there were many other unintended vulnerabilities found and used instead throughout the CTF! https://twitter.com/_niklasb/status/1111624505615675392?s=19
- https://twitter.com/_niklasb/status/1121804193839427584?s=19
- CVE-2019-2556
- https://twitter.com/j0nathanj/status/1085587860315693057?s=19
-
Many CTF challenges have inspired real-world bug finding:
-
CVE-2019-2684
-
https://bugs.chromium.org/p/chromium/issues/detail?id=1077139
-
CVE-2011-2018
- Sortable/better table format
- Standard tags for different types of interactions (used as legit challenge, found accidentally, used against infra, etc)