explore weird machines...
Basic Game Hacking on Windows with Cheat Engine and Ghidra.
Solving a massive digital circuit
We achieve arbitrary read/write in the JavaScriptCore of WebKit
Setting the foundation for an arbitrary read/write (and re-implementing addrof and fakeobj).
Simple buffer overflow speedrun challenge, exploited with a ROP chain generated by Ropper. And analyse the timeline.
We go over the boxed vs. unboxed values, how to convert addresses to doubles and why our bug is a memory corruption.
In this video we turn the bug used in addrof() to corrupt the memory of internal JavaScriptCore Objects which can help us to compromise the engine.
We finally look at the actual exploit code! We start with the addrof() primitive, which can leak the address of a JavaScript object in memory.
Looking at the WebKit JIT compiler - the part that converts JavaScript bytecode to machine code.
