Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals



Chrome Browser Exploitation, Part 2: Introduction to Ignition, Sparkplug and JIT Compilation via TurboFan


Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463


#cve #Exp #browser

Getting RCE in Chrome with incorrect side effect in the JIT compiler

In this post, I'll exploit CVE-2023-3420, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.

https://github.blog/2023-09-26-getting-rce-in-chrome-with-incorrect-side-effect-in-the-jit-compiler/


#cve #Exp #browser

Getting RCE in Chrome with incomplete object initialization in the Maglev compiler

In this post, I'll exploit CVE-2023-4069, a type confusion in Chrome that allows remote code execution (RCE) in the renderer sandbox of Chrome by a single visit to a malicious site.

https://github.blog/2023-10-17-getting-rce-in-chrome-with-incomplete-object-initialization-in-the-maglev-compiler/


#cve #Exp #browser

Google Chrome Use After Free vulnerability reported by S4E Team
https://github.com/s4e-lab/CVE-2021-30573-PoC-Google-Chrome

#cve #Exp #browser

Exploit Development:

Playing ROP’em COP’em Robots with WriteProcessMemory()
77 minute read

https://connormcgarr.github.io/ROP2/

#exp

OffSec - OSED 2023 Certified Exploit Developer Training
[ Download ]

#exp

base of exploit mitigations for chrome, dotnet,etc...
[ GitHub ]

#browser #exp

Windows Exploit Development Tutorial Series and other things from FuzzySec
https://fuzzysecurity.com/tutorials.html

#exp #pwn