Exploiting Dynamically Generated Code: 2019 KCTF Problem 5

Written by pwnbykenny | Published 2020/12/02
Tech Story Tags: v8 | buffer-overflow | jit | javascript | exploit | programming | coding | code

TLDR: The root cause of this bug is an inconsistency in the JIT compilation of v8: the JIT compiler emits machine code that contains an array overflow. This differs from typical exploitation, where the exploit is data fed to a program; here the exploit is source code, namely JavaScript that makes the JIT generate the buggy code. The shellcode in the write-up is tested on x86_64 Linux and is not guaranteed to work on other CPU architectures or operating systems. The resulting primitive is used to access arbitrary memory addresses.
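The summary above hinges on one idea: the same JavaScript source can behave differently depending on whether it runs in the interpreter or in JIT-compiled code, and an exploit is the source that steers the JIT into the buggy path. The following added example (not code from the original article, and it does not reproduce the KCTF bug itself) shows the warm-up pattern such exploits rely on and the consistency check a triager would run against a suspect build: call a function enough times for the optimizing tier to compile it, then compare its result on a boundary input with the result from a cold copy that starts in the interpreter. The function names, the round count and the sample array are assumptions; it is written for Node.js, whose engine is V8.

```javascript
// Added example: differential check between a warmed-up (likely JIT-compiled)
// function and a cold, interpreter-only copy of the same source.
// Does not reproduce the 2019 KCTF Problem 5 bug; on an unpatched engine the
// two tiers agree, and the check reports consistent: true.

// Build a fresh closure from the function's own source text. The new closure
// has no type feedback or optimized code attached, so its first call runs in
// the interpreter rather than in previously compiled optimized code.
// Only works for self-contained functions (no captured variables).
function coldCopy(fn) {
  return new Function('return (' + fn.toString() + ');')();
}

// Compare results structurally so array and object returns are handled too.
function sameResult(a, b) {
  return JSON.stringify(a) === JSON.stringify(b);
}

// Warm `fn` up with stable-typed arguments (the usual JIT trigger pattern),
// then evaluate the boundary input on both the hot function and a cold copy.
// `rounds` is an assumed value large enough to reach the optimizing tier.
function checkJitConsistency(fn, warmupArgs, triggerArgs, rounds = 200000) {
  for (let i = 0; i < rounds; i++) fn(...warmupArgs);
  const hot = fn(...triggerArgs);            // optimized tier, if compiled
  const cold = coldCopy(fn)(...triggerArgs); // interpreter tier
  return { hot, cold, consistent: sameResult(hot, cold) };
}

// Constructed sample: an in-bounds read during warm-up, then an out-of-bounds
// index as the trigger. A correct engine returns undefined from both tiers;
// a bounds-check bug in the optimized code would surface here as a mismatch.
function readAt(arr, i) {
  return arr[i];
}

function runSample() {
  return checkJitConsistency(readAt, [[1, 2, 3], 1], [[1, 2, 3], 5]);
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(runSample());
}
```

The check only reports a mismatch when the optimized tier already misbehaves; it cannot find a bug the warm-up inputs never exercise, so the trigger arguments must be chosen around the boundary the suspect optimization touches.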


Written by pwnbykenny | A Ph.D. A Hacker. My personal website: https://pwnbykenny.com
Published by HackerNoon on 2020/12/02