I make pwn videos.
We achieve arbitrary read/write in the JavaScriptCore of WebKit
Setting the foundation for an arbitrary read/write (and re-implementing addrof and fakeobj).
Simple buffer overflow speedrun challenge, exploited with a ROP chain generated by Ropper. And analyse the timeline.
In this video we turn the bug used in addrof() to corrupt the memory of internal JavaScriptCore Objects which can help us to compromise the engine.
We finally look at the actual exploit code! We start with the addrof() primitive, which can leak the address of a JavaScript object in memory.
Looking at the WebKit JIT compiler - the part that converts JavaScript bytecode to machine code.
We are going to try out Linus's exploit and setup a vulnerable WebKit version including debug symbols.
The start of a new series. We will try to learn some basics about Browser Exploitation.
Guest video by OALabs about unpacking a self-injection malware.
