electron

[idlookraj140]

hello there , i am new to browsers exploitation , my target is using modified version for electron/CEF which disables the some of wasm
features .

following code causing some wasm-gc error because they have disabled wasm gc feature as shown above

var wasmBuffer = new Uint8Array([0x00.0x61.0x73.0x6d,0x01.0x00.0x00.0x00.0x01....]);
var module = new WebAssembly.Module(wasmBuffer);
var instance = new WebAssembly.Instance(module, importObject);
var func = instance.exports.make_array;
func();

Is there a way to use some other object to load the shellcode instead of using wasm (winexec) module shellcode​

 

[xvonfers]

It is easier to choose another component for exploitation in this case than wasm/liftoff/jspi/wasm-gc/wasm-fx/wasm-custom-desc/shared/memory64/growable-stacks...

For example(with exploits):

Chromium

issues.chromium.org

Chromium

issues.chromium.org

Chromium

issues.chromium.org

Chromium

issues.chromium.org

If you prefer to stick with WASM, you can try recompiling your WASM module to avoid using GC features(it may not work in your environment)