GitHub - jhalon/CVE-2018-17463: Working Proof of Concept Exploit for CVE-2018-17463
Working Proof of Concept Exploit for CVE-2018-17463 - jhalon/CVE-2018-17463
Chrome Browser Exploitation, Part 2: Introduction to Ignition, Sparkplug and JIT Compilation via TurboFan
jhalon.github.ioIn my previous post “Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals”, we took our first deep dive into the world of browser exploitation by covering a few complex topics that were necessary for fundamental knowledge. We mainly covered topics on how JavaScript and V8 worked under the hood by exploring what objects, maps and shapes were, how these objects were structured in memory, and we also covered some basic memory optimizations such as pointer tagging and pointer compression. We also touched on the compiler pipeline, bytecode interpreter, and code optimizations.
An Introduction to Chrome Exploitation - Maglev Edition
Introduction Originally, I intended to write a simple note on the Maglev compiler and how to adjust V8 shellcode from Linux to Windows. But as I started, the project grew unexpectedly. I found myself diving into some prerequisites like the V8 pipeline and a root cause analysis of CVE-2023-4069, the bug we are about to explore. What began as a brief memo soon unfolded into a deeper exploration and I hope the reader will find some benefits from these additional insights.