Exploiting Dynamically Generated Code: 2019 KCTF Problem 5

Written by pwnbykenny | Published 2020/12/02
Tech Story Tags: v8 | buffer-overflow | jit | javascript | exploit | programming | coding | code

TLDR The root cause of this bug is an inconsistency in the JIT compilation of v8. The JIT compiler of v.8 generates code that contains the array overflow bug. This is very different from normal exploitation whose exploit is data. The exploit can also be source code instead of data. And the shellcode provided here is tested on x86_64 & Linux. It’s not guaranteed that the shell code will work on other CPU architectures and operating systems. The code is used to access arbitrary memory addresses.via the TL;DR App
no story
Written by pwnbykenny | A Ph.D. A Hacker. My personal website: https://pwnbykenny.com
Published by HackerNoon on 2020/12/02
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy