Browser Security

Summary of V8 hole-type vulnerability exploitation

1. Basic concepts of JSMap. Reference article: [V8 Deep Dives] Understanding Map Internals (https://itnext.io/v8-deep-dives-understanding-map-internals-45eb94a183df). Below...

Tianfu Cup 2023: Use-after-free vulnerability in Chrome WebAudio error entries (CVE-2023-5996 [1497859])

Vulnerability description: A vulnerability affecting the renderer process was found in Google Chrome, mainly involving the AudioContext functionality. Under normal conditions, an AudioContext will not, without user interaction, ...

Opera Browser Zero-Day RCE Vulnerability on Cross-Platforms

Opera's Zero-Day RCE: It's not a soap opera, but it sure has drama. Grab your popcorn and secure your browser! ...

In-depth analysis of the V8 sandbox escape technique used by an in-the-wild Google Chrome V8 type confusion vulnerability

Introduction: We are analyzing an in-the-wild V8 vulnerability, CVE-2023-2033. Once the vulnerability has been exploited, it is not hard to obtain the typical exploitation primitives, such as addrof and read/write within the V8 heap. The problem is that we need to escape the V...

CVE-2023-5480: Chrome new XSS Vector

Chrome XSS: The article is informative and intended for security specialists conducting testing within the scope of a contract. The au...

Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows

Cybersecurity researchers have disclosed a now-patched security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be e...

Google Chrome V8 CVE-2024-0517: out-of-bounds write to code execution

Introduction: The vulnerability originates in V8's Maglev compiler, specifically in how it compiles classes that have a parent class. When a parent class and its constructor are involved, the compiler needs to look them up, and the vulnerability was introduced in that process. In this article, we...

Cross-platform 0-day RCE vulnerability in the Opera browser

1. Vulnerability overview: The Guardio Labs research team recently discovered a serious 0-day vulnerability in the popular Opera web browser family, which allows an attacker to use a custom browser extension on Windows or macOS systems to exe...

Start Your Engines – Capturing the First Flag in Google’s New v8CTF

Background: In early October 2023, Google announced a new addition to their reward program, v8CTF. According to the rules: “v8CTF is a part of ...

picoCTF 2021 – Kit Engine

Analysis: We are given d8, source.tar.gz and server.py. Let's look at server.py first: ...