Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability

[voldemort]

Part 1:

Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1)

End-to-end ‘modern’ browser exploitation on Windows beginning with configuring a browser exploitation environment, exploring JavaScript intrinsics, and understanding type confusion vulnerabilities.

connormcgarr.github.io

Part 2:

Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 2)

Leveraging ChakraCore to convert our denial-of-service from part 1 into a read/write primtive and functioning exploit.

connormcgarr.github.io

Part 3:

https://connormcgarr.github.io/type-confusion-part-3/

 

[weaver]

Part 1:

Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1)

End-to-end ‘modern’ browser exploitation on Windows beginning with configuring a browser exploitation environment, exploring JavaScript intrinsics, and understanding type confusion vulnerabilities.

connormcgarr.github.io

Part 2:

Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 2)

Leveraging ChakraCore to convert our denial-of-service from part 1 into a read/write primtive and functioning exploit.

connormcgarr.github.io

Part 3:

https://connormcgarr.github.io/type-confusion-part-3/

Хорошие статьи, но это неактуально в нынешних реалиях. Так как браузер Microsoft Edge больше не использует ChakraCore, он перешел на проект Chromium и там теперь V8.