Rope2 HackTheBox Writeup (Chromium V8, FSOP + glibc heap, Linux Kernel heap pwnable)

This is a technical exploit writeup describing multiple chained vulnerabilities used to compromise a target: a V8 (Chromium) builtin-array OOB that enables addrof/fakeobj primitives and WASM-based RCE, glibc heap manipulation (realloc(0) double-free and FILE structure tampering) to leak libc and overwrite __free_hook for privilege escalation, an Apport CVE-2020-8831 local escalation, and a kernel ralloc driver heap overflow to hijack tty_operations and achieve root. The author includes analysis, exploitation strategy, PoC details, and final remote exploits used to obtain user and root shells on an Ubuntu 19.04 test environment.