Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-0567 PoC — Microsoft Edge和ChakraCore 缓冲区错误漏洞

Source
https://github.com/NatteeSetobol/Chakra-CVE-2019-0567
Associated Vulnerability
Title:Microsoft Edge和ChakraCore 缓冲区错误漏洞 (CVE-2019-0567)
Description:Microsoft Windows 10等都是美国微软(Microsoft)公司发布的一系列操作系统。Edge是其中的一个系统附带的浏览器。ChakraCore是使用在Edge的一个开源的JavaScript引擎的核心部分,也可作为单独的JavaScript引擎使用。 Microsoft Edge和ChakraCore中存在远程代码执行漏洞。远程攻击者可利用该漏洞在当前用户的上下文中执行任意代码,损坏内存。以下系统版本受到影响:Microsoft Windows 10,Windows 10版本1607,W
Description
A POC of a type confusion bug in chakracore framework that leads to code execute.
Readme
# Chakra-CVE-2019-0567
A POC of a type confusion bug in chakracore framework that leads to code execute.  


Following from Connor McGar's blog https://connormcgarr.github.io/


NOTE: The Offsets and ROP gadgets depends on the Windows version you use, so it might not work for you. If you compare my code to Connor's POC, you will see that most of the offsets are different. That's because I had to find my own ROP gadgets!
File Snapshot

 [4.0K]  /data/pocs/588a1559f7922b5c9f8c9b7b0d5c0cb31c05cdc8
├── [4.5K]  poc.js
└── [ 424]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.