CVE-2018-1000224 PoC — Godot Engine 安全漏洞

Source

Associated Vulnerability

Title:Godot Engine 安全漏洞 (CVE-2018-1000224)
Description:Godot Engine是一款跨平台的游戏引擎。该引擎支持通过统一界面创建2D和3D游戏。 Godot Engine 2.1.5之前版本和3.0.6之前的3.0版本中的core/io/marshalls.cpp文件存在安全漏洞。攻击者可借助畸形的数据包利用该漏洞造成拒绝服务，泄露未初始化的内存。

Description

Repo for a uni project to give a detailed explanation of CVE-2018-1000224

File Snapshot


 [4.0K]  /data/pocs/36f6ae6bf4af75fff40550518b2ef6b1e0a2b117
├── [4.0K]  Client
│   ├── [2.5K]  default_env.tres
│   ├── [3.4K]  icon.png
│   ├── [ 558]  icon.png.import
│   ├── [1.5K]  main.gd
│   ├── [3.4K]  main.tscn
│   └── [ 429]  project.godot
├── [4.0K]  Local
│   ├── [2.5K]  default_env.tres
│   ├── [3.4K]  icon.png
│   ├── [ 558]  icon.png.import
│   ├── [ 655]  main.gd
│   ├── [1.9K]  main.tscn
│   └── [ 428]  project.godot
└── [4.0K]  Server
    ├── [2.5K]  default_env.tres
    ├── [3.4K]  icon.png
    ├── [ 558]  icon.png.import
    ├── [ 893]  main.gd
    ├── [1.6K]  main.tscn
    └── [ 429]  project.godot

3 directories, 18 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!