Exploit Development

"Initials" by "Florian Körner", licensed under "CC0 1.0". / Remix of the original. - Created with dicebear.com (https://github.com/dicebear/dicebear)
Exploit Development ColdPints 6 months ago 100%
Pixel GPU Exploit: A kernel exploit for Pixel7/8 Pro with Android 14 github.com
30
1
Exploit Development ColdPints 6 months ago 66%
Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991 https://qriousec.github.io/post/vbox-pwn2own-2023/
1
0
Exploit Development solidsnail 1 year ago 100%
From Terminal Output to Arbitrary Remote Code Execution https://blog.solidsnail.com/posts/2023-08-28-iterm2-rce

cross-posted from: https://infosec.pub/post/2466014

> This is my first write-up, on a vulnerability I discovered in iTerm2 (RCE). Would love to hear opinions on this. I tried to make the writing engaging.

3
0
Exploit Development udunadan 1 year ago 100%
No More Speculation: Exploiting CPU Side-Channels for Real bughunters.google.com
7
0
Exploit Development udunadan 1 year ago 100%
Diving into Windows Remote Access Service for Pre-Auth Bugs www.blackhat.com
4
0
Exploit Development udunadan 1 year ago 100%
iOS 17: New Version, New Acronyms www.df-f.com
5
0
Exploit Development udunadan 1 year ago 88%
You have become the very thing you swore to destroy: Remotely exploiting an Antivirus engine https://cfp.recon.cx/2023/talk/KTMT73/
7
2
Exploit Development udunadan 1 year ago 100%
Use Native Pointer of Function to Bypass The Latest Chrome v8 Sandbox https://medium.com/@numencyberlabs/use-native-pointer-of-function-to-bypass-the-latest-chrome-v8-sandbox-exp-of-issue1378239-251d9c5b0d14
4
0
Exploit Development udunadan 1 year ago 100%
In-depth Analysis of the CVE-2023-29300 Adobe ColdFusion Serialization Vulnerability github.com
7
0
Exploit Development udunadan 1 year ago 100%
[Chrome] CVE-2023-2033 github.com
5
0
Exploit Development udunadan 1 year ago 100%
Exploiting a Flaw in Bitmap Handling in Windows User-Mode Printer Drivers www.zerodayinitiative.com
8
0
Exploit Development udunadan 1 year ago 100%
An Introduction to Exploit Reliability blog.isosceles.com
5
0
Exploit Development udunadan 1 year ago 100%
MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis securityintelligence.com
3
0
Exploit Development udunadan 1 year ago 100%
Summary: MTE As Implemented https://googleprojectzero.blogspot.com/2023/08/summary-mte-as-implemented.html
3
0
Exploit Development udunadan 1 year ago 100%
All known API based kernel address leaks on Windows no longer work https://twitter.com/yarden_shafir/status/1685740223181832193
7
0
Exploit Development udunadan 1 year ago 100%
CVE-2023-3389 - Exploiting a vulnerability in the io_uring subsystem of the Linux kernel https://qyn.app/posts/CVE-2023-3389/
5
0
Exploit Development udunadan 1 year ago 100%
Escaping the Google kCTF Container with a Data-Only Exploit h0mbre.github.io
7
0
Exploit Development udunadan 1 year ago 100%
The Legacy of Stagefright blog.isosceles.com
7
0
Exploit Development udunadan 1 year ago 100%
prctl anon_vma_name: An Amusing Linux Kernel Heap Spray starlabs.sg
5
0
Exploit Development udunadan 1 year ago 100%
CVE-2023-35086 POC - ASUS routers format string vulnerability [DOS] github.com
5
0
Exploit Development udunadan 1 year ago 100%
A new method for container escape using file-based DirtyCred starlabs.sg
4
0
Exploit Development udunadan 1 year ago 100%
[Chrome] UAF in MLGraphXnnpack::BuildOnBackgroundThread (reward: $11000) https://crbug.com/1425370
1
0
Exploit Development udunadan 1 year ago 100%
Zenbleed https://lock.cmpxchg8b.com/zenbleed.html
5
0
Exploit Development udunadan 1 year ago 100%
[Chrome ITW sandbox escape] Integer overflow in SkSLVMCodeGenerator (skia) https://bugs.chromium.org/p/chromium/issues/detail?id=1432603
7
4
Exploit Development udunadan 1 year ago 100%
Exploiting MikroTik RouterOS Hardware with CVE-2023-30799 - Blog - VulnCheck vulncheck.com
5
0
Exploit Development udunadan 1 year ago 100%
[Linux kernel eBPF] CVE-2023-2163 PoC github.com
3
0
Exploit Development udunadan 1 year ago 100%
Shifting boundaries: Exploiting an Integer Overflow in Apple Safari - Exodus Intelligence blog.exodusintel.com
7
0
Exploit Development udunadan 1 year ago 100%
Zero Day Initiative — CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability www.zerodayinitiative.com
4
0
Exploit Development udunadan 1 year ago 100%
TheHole New World - how a small leak will sink a great browser (CVE-2021-38003) starlabs.sg
6
0
Exploit Development udunadan 1 year ago 100%
[Chrome] Heap-use-after-free in ExclusiveAccessBubbleViews::UpdateBounds (reward: $10000) https://crbug.com/1426521
5
0
Exploit Development udunadan 1 year ago 100%
V8 Sandbox - Code Pointer Sandboxing docs.google.com
3
0
Exploit Development udunadan 1 year ago 100%
TALOS-2023-1757 Foxit Reader Field OnBlur event use-after-free vulnerability https://talosintelligence.com/vulnerability_reports/TALOS-2023-1757
3
1
Exploit Development udunadan 1 year ago 100%
CVE-2023-28754 Apache ShardingSphere RCE (SnakeYAML Deserialization) https://www.openwall.com/lists/oss-security/2023/07/19/3
2
0
Exploit Development udunadan 1 year ago 100%
[Chrome] oob write in vrend_renderer_transfer_write_iov (reward: $15000) https://bugs.chromium.org/p/chromium/issues/detail?id=1427332
2
0
Exploit Development udunadan 1 year ago 100%
[Chrome] Race Condition UAF in amdtee_open_session (reward: $10000) https://bugs.chromium.org/p/chromium/issues/detail?id=1407048
2
0
Exploit Development udunadan 1 year ago 100%
Anatomy of Lockdown Mode https://blacktop.github.io/presentations/0x41con_2023/HTML/index.html
3
0
Exploit Development udunadan 1 year ago 100%
CVE-2023-2033: Chrome [0-day] JIT optimisation issue https://bugs.chromium.org/p/chromium/issues/detail?id=1432210
2
3
Exploit Development udunadan 1 year ago 100%
CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent blog.qualys.com
5
1
Exploit Development ColdPints 1 year ago 100%
CVE-2023-2008 - Analyzing and exploiting a bug in the udmabuf driver | Bluefrostsecurity https://labs.bluefrostsecurity.de/blog/cve-2023-2008.html
3
0
Exploit Development udunadan 1 year ago 100%
Microsoft Edge MSDCPDF Javascript addIcon type confusion vulnerability https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1747
4
0