Exploit Development

470 readers
1 users here now

A curated community dedicated to strictly technical materials about vulnerability research, exploit development and reverse engineering.

founded 2 years ago
MODERATORS
udunadan
listing: all - local
1
33
Pixel GPU Exploit: A kernel exploit for Pixel7/8 Pro with Android 14 (github.com)
submitted 1 year ago by ColdPints to c/exploitdev
1 comments fedilink
2
1
Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991 (qriousec.github.io)
submitted 1 year ago by ColdPints to c/exploitdev
0 comments fedilink
3
3
From Terminal Output to Arbitrary Remote Code Execution (blog.solidsnail.com)
submitted 2 years ago by solidsnail to c/exploitdev
0 comments fedilink
 
 

cross-posted from: https://infosec.pub/post/2466014

This is my first write-up, on a vulnerability I discovered in iTerm2 (RCE). Would love to hear opinions on this. I tried to make the writing engaging.

4
7
No More Speculation: Exploiting CPU Side-Channels for Real (bughunters.google.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
5
4
Diving into Windows Remote Access Service for Pre-Auth Bugs (www.blackhat.com)
submitted 2 years ago* (last edited 2 years ago) by udunadan to c/exploitdev
0 comments fedilink
6
6
iOS 17: New Version, New Acronyms (www.df-f.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
7
7
You have become the very thing you swore to destroy: Remotely exploiting an Antivirus engine (cfp.recon.cx)
submitted 2 years ago by udunadan to c/exploitdev
2 comments fedilink
8
4
Use Native Pointer of Function to Bypass The Latest Chrome v8 Sandbox (medium.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
9
7
In-depth Analysis of the CVE-2023-29300 Adobe ColdFusion Serialization Vulnerability (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
10
5
[Chrome] CVE-2023-2033 (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
11
8
Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers (www.zerodayinitiative.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
12
5
An Introduction to Exploit Reliability (blog.isosceles.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
13
3
MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis (securityintelligence.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
14
3
Summary: MTE As Implemented (googleprojectzero.blogspot.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
15
7
All known API based kernel address leaks on Windows no longer work (twitter.com)
submitted 2 years ago* (last edited 2 years ago) by udunadan to c/exploitdev
0 comments fedilink
16
5
CVE-2023-3389 - Exploiting a vulnerability in the io_uring subsystem of the Linux kernel (qyn.app)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
17
7
Escaping the Google kCTF Container with a Data-Only Exploit (h0mbre.github.io)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
18
7
The Legacy of Stagefright (blog.isosceles.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
19
5
prctl anon_vma_name: An Amusing Linux Kernel Heap Spray (starlabs.sg)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
20
5
CVE-2023-35086 POC - ASUS routers format string vulnerability [DOS] (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
21
4
A new method for container escape using file-based DirtyCred (starlabs.sg)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
22
1
[Chrome] UAF in MLGraphXnnpack::BuildOnBackgroundThread (reward: $11000) (crbug.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
23
5
Zenbleed (lock.cmpxchg8b.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
24
7
[Chrome ITW sandbox escape] Integer overflow in SkSLVMCodeGenerator (skia) (bugs.chromium.org)
submitted 2 years ago by udunadan to c/exploitdev
4 comments fedilink
25
5
Exploiting MikroTik RouterOS Hardware with CVE-2023-30799 - Blog - VulnCheck (vulncheck.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
view more: next ›