I hereby claim:
- I am ducphanduyagentp on github.
- I am dphan0x80 (https://keybase.io/dphan0x80) on keybase.
- I have a public key whose fingerprint is 3796 106E F244 F6C6 EE39 09B3 07A6 7A8D 5C67 96C2
To claim this, I am signing this object:
#include <stdio.h>
#include <stdlib.h>
#define chunksize 0x8
#define fakesize 0x20
#define SIZE_SZ (sizeof(size_t))
#define MALLOC_ALIGN_MASK (2*SIZE_SZ - 1)
#define MIN_CHUNK_SIZE 24 /* 64 bit system */
//#define MIN_CHUNK_SIZE 12 /* 32 bit system */
//
// Quick and dirty exploit for the "roll a d8" challenge of PlaidCTF 2018.
// N-day exploit for https://chromium.googlesource.com/v8/v8/+/b5da57a06de8791693c248b7aafc734861a3785d
//
// Scroll down to "BEGIN EXPLOIT" to skip the utility functions.
//
// Copyright (c) 2018 Samuel Groß
//
//
#include <stdint.h>
#include <sys/io.h>
#include <unistd.h>
#include <stdio.h>
#include <fcntl.h>
#include <sys/mman.h>
#include <string.h>
#include <assert.h>
#include "virt_to_phys.c"
#!/usr/bin/env python
from pwn import *
context(terminal=['tmux', 'splitw', '-h']) # horizontal split window
# context(terminal=['tmux', 'new-window']) # open new window
# libc = ELF('')
elf = ELF('./speedrun-012')
context(os='linux', arch=elf.arch)
context(log_level='debug') # output verbose log
<html>
<pre id='log'></pre>
<script src="mojo_bindings.js"></script>
<script src="third_party/blink/public/mojom/blob/blob_registry.mojom.js"></script>
<script src="being_creator_interface.mojom.js"></script>
<script src="food_interface.mojom.js"></script>
<script src="dog_interface.mojom.js"></script>
<script src="person_interface.mojom.js"></script>
<script src="cat_interface.mojom.js"></script>
<script>
# Author : peternguyen93
import sys
sys.path.append('../') # back to vboxlib module
from vboxlib.hgcm import *
from vboxlib.chromium import *
from ctypes import *
'''
|=-----------------------------------------------------------------------=|
|=-------------=[ 3 Years of Attacking JavaScript Engines ]=-------------=|
|=-----------------------------------------------------------------------=|
|=------------------------------=[ saelo ]=------------------------------=|
|=-----------------------------------------------------------------------=|
The following are some brief notes about the changes that have taken place
since the release of the "Attacking JavaScript Engines" paper [1]. In
general, no big conceptional changes have happened since. Mitigations have
been added to break some of the presented techniques and, as expected, a
class Helpers {
    constructor() {
        this.cvt_buf = new ArrayBuffer(8);
        this.cvt_f64a = new Float64Array(this.cvt_buf);
        this.cvt_u64a = new BigUint64Array(this.cvt_buf);
        this.cvt_u32a = new Uint32Array(this.cvt_buf);
    }
    ftoi(f) {
{
  "name": "MELD 1 TEST",
  "description": "MELD 1 TEST POOL",
  "ticker": "MELD1",
  "homepage": "https://meld.com"
}