Cool Story Bro

好魂我招

From RPC To RCE: VMWare Log Insight CVE-2022-31704

Preparations Recently I noticed that horizon3 team’s blog on VMWare Log Insight’s IOCs and technical analysis and decided to take a look at this bug myself. I registered for a trial version of Log Insight on VMWare’s website and downloaded OVA images for both 8.10.2 (patched version) and 8.10.0 (vunlerable version) versions. After basic setup…

Browser Exploitation: A Case Study Of CVE-2020-6507

Motivation I’ve been wanting to learn about V8 Pwn for quite a while for essentially no reason, but didn’t have the opportunity to do so. Recently I happened to have some spare time to do free research, so I turned my attention to browser exploitation. I’d recommend readers to watch LiveOverflow’s browser exploitation series before…


Follow My Blog

Get new content delivered directly to your inbox.