Motivation I’ve been wanting to learn about V8 Pwn for quite a while for essentially no reason, but didn’t have the opportunity to do so. Recently I happened to have some spare time to do free research, so I turned my attention to browser exploitation. I’d recommend readers to watch LiveOverflow’s browser exploitation series before … Continue reading Browser Exploitation: A Case Study Of CVE-2020-6507
To be fair, the attack chain is pretty straight forward. I kinda hope all the other vulnerabilities are easy to analyze like this one… log4j By looking at log4j’s official documents, it’s not hard to get an idea on how it basically works. To build a test environment, start a new Java project, and add … Continue reading Log4j Analysis: More JNDI Injection
Follow My Blog
Get new content delivered directly to your inbox.