Forwarded from r0 Crew (Channel)
MS Edge RCE (CVE-2018-8495). Chaining a few bugs in Edge to be able achieve remote code execution by mainly abusing custom URI schemes.
Article:
https://leucosite.com/Microsoft-Edge-RCE/
POC:
https://github.com/kmkz/exploit/blob/master/CVE-2018-8495.html
#browser #edge #rce #expdev #darw1n
Article:
https://leucosite.com/Microsoft-Edge-RCE/
POC:
https://github.com/kmkz/exploit/blob/master/CVE-2018-8495.html
#browser #edge #rce #expdev #darw1n
Leucosite
Edge RCE
(CVE-2018-8495) Chaining small bugs together to achieve RCE
Forwarded from r0 Crew (Channel)
Forwarded from r0 Crew (Channel)
Chrome 1-day RCE PoC (Array.prototype.map)
https://blog.exodusintel.com/2019/04/03/a-window-of-opportunity/
#re #expdev #rce #1day #browser #darw1n
https://blog.exodusintel.com/2019/04/03/a-window-of-opportunity/
#re #expdev #rce #1day #browser #darw1n
Exodus Intelligence
A window of opportunity: exploiting a Chrome 1day vulnerability
This post explores the possibility of developing a working exploit for a vulnerability already patched in the v8 source tree before the fix makes it into a stable Chrome release.