In my security research I often come across weird quirks and behaviours that aren’t particularly useful beyond a neat party trick. It’s always a good idea to keep track of them though; perhaps one day they’ll be just the missing piece you need.
Despite having 7 Chrome CVEs, I’ve never actually fully exploited a memory corruption in its V8 JavaScript engine before. Baby array.xor, a challenge at this year’s openECSC CTF, was my first time going from a V8 bug to popping a /bin/sh shell. Most V8 exploits tend to have two stages to them - figuring out a unique way to trigger some sort of a...
Say you handed me your phone, what’s the worst I could do in 10 seconds?

Web.telegram.org (edited 23:51)
Click that link and your browser will be logged into telegram without passwords (23:52)

The other day I received an interesting message with a link to Telegram’s web client. Upon clicking on the link, I found myself already logged in....