I am thrilled to be invited to join MatrixCup 2024 in QingDao, China with my team, 打个没五分钟充电三小时, humorously named after M53.
I would like to thank 360安全应急响应中心 and VUL-AI for their support and sponsorship to make this trip possible.
We were invited to participate in the AI category of the competition, which involves building an AI to automatically solve Pwn challenges.
Other than the AI category, there are also tracks such as A&D and Zero Day (concentrate on exploiting 0day vulnerabilities in mainstream products like Samsung).
As a person who never touched binary exploitation and built an AI, this category is a new concept to me. We had to spend a lot of time to research before the competition starts.
Based on the rule, the bot should be capable of performing the following tasks:
We were also informed that during the competition day, we would receive a hint about the type of challenge expected for the bot (Stack/Heap/Etc). And presumably, we couldn’t analyze the challenge manually; everything was to be done by the bot since this is an AI track. All we could do was tweak the bot based on the hint, submit it, and cross our fingers.