A beginner-friendly journey from a memory corruption to a browser pwn.
Exploit for the [pwn] just-in-time challenge from the Google CTF 2018 finals (TurboFan bug) - JeremyFetiveau/pwn-just-in-time-exploit
How we solved a strange issue involving the guts of Chrome and the Go compiler.
Personal website of Benedikt Meurer, JavaScript Engine Hacker and Programming Language Enthusiast.
Introduction: Originally, I intended to write a simple note on the Maglev compiler and how to adjust V8 shellcode from Linux to Windows. But as I started, the project grew unexpectedly. I found myself diving into some prerequisites like the V8 pipeline and a root cause analysis of CVE-2023-4069, the bug we are about to explore. What began as a brief memo soon unfolded into a deeper exploration, and I hope the reader will find some benefit from these additional insights.
In this challenge, we had to obtain remote code execution, simply by exploiting a 1-day bug that forgot the difference between -0 and +0. This has probably been one of the most difficult, fun, and frustrating bugs I have ever exploited.
I merged the Float16 feature into V8 today. (Float16 is the half-precision format defined in IEEE 754.)