Tags: pwn sandbox kernel userland ldt seccomp
Rating: 5.0
## TL;DR
You need to exploit three parts in this challenge:
1. Userland exploitation
   A backdoor that allows a ROP chain, which can be used to get arbitrary code execution.
2. Kernel backdoor
   A backdoor that creates a call gate in the LDT (local descriptor table) to get kernel mode escalation and write kernel shellcode.
3. Sandbox escape
   Disable seccomp and escalate privileges through kernel shellcode (corrupt the current task_struct).
## [more ...](https://w0y.at/writeup/2024/07/16/hitcon-ctf-2024-quals-seccomp-hell.html)