LiveOverflow | The fakeobj() Primitive: Turning an Address Leak into a Memory Corruption @LiveOverflow | Uploaded 5 years ago | Updated 6 hours ago
Part5: In this video we turn the bug used in addrof() to corrupt the memory of internal JavaScriptCore Objects which can help us to compromise the engine.
The Exploit: github.com/LinusHenze/WebKit-RegEx-Exploit
Saelo's exploit: github.com/saelo/cve-2018-4233/blob/master/pwn.js
Saelo's phrack paper: http://www.phrack.org/papers/attacking_javascript_engines.html
-=[ π΄ Stuff I use ]=-
β Microphone:* geni.us/ntg3b
β Graphics tablet:* geni.us/wacom-intuos
β Camera#1 for streaming:* geni.us/sony-camera
β Lens for streaming:* geni.us/sony-lense
β Connect Camera#1 to PC:* geni.us/cam-link
β Keyboard:* geni.us/mech-keyboard
β Old Microphone:* geni.us/mic-at2020usb
US Store Front:* amazon.com/shop/liveoverflow
-=[ β€οΈ Support ]=-
β per Video: patreon.com/join/liveoverflow
β per Month: youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ π Social ]=-
β Twitter: twitter.com/LiveOverflow
β Website: liveoverflow.com
β Subreddit: reddit.com/r/LiveOverflow
β Facebook: facebook.com/LiveOverflow
-=[ π P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#BrowserExploitation
Part5: In this video we turn the bug used in addrof() to corrupt the memory of internal JavaScriptCore Objects which can help us to compromise the engine.
The Exploit: github.com/LinusHenze/WebKit-RegEx-Exploit
Saelo's exploit: github.com/saelo/cve-2018-4233/blob/master/pwn.js
Saelo's phrack paper: http://www.phrack.org/papers/attacking_javascript_engines.html
-=[ π΄ Stuff I use ]=-
β Microphone:* geni.us/ntg3b
β Graphics tablet:* geni.us/wacom-intuos
β Camera#1 for streaming:* geni.us/sony-camera
β Lens for streaming:* geni.us/sony-lense
β Connect Camera#1 to PC:* geni.us/cam-link
β Keyboard:* geni.us/mech-keyboard
β Old Microphone:* geni.us/mic-at2020usb
US Store Front:* amazon.com/shop/liveoverflow
-=[ β€οΈ Support ]=-
β per Video: patreon.com/join/liveoverflow
β per Month: youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ π Social ]=-
β Twitter: twitter.com/LiveOverflow
β Website: liveoverflow.com
β Subreddit: reddit.com/r/LiveOverflow
β Facebook: facebook.com/LiveOverflow
-=[ π P.S. ]=-
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#BrowserExploitation