bjrjk/pwn-learning
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ed5918f2844763163edc7aa90d49c6d9643ad8de
pwn-learning/JavaScript/PwnCollegeV8Exploitation/Level9/README.md
Jack Ren 791b1e0c44 Level 9 of PwnCollegeV8Exploitation
2024-09-17 16:27:52 +08:00

17 lines
859 B
Markdown
Raw Blame History

# Level 9
## Problem
Given V8 Sandbox memory corruption API (Address Of, Cage Read & Write Primitive).
## Key Knowledge
- V8 (Heap) Sandbox
- [The V8 Sandbox](https://v8.dev/blog/sandbox)
- V8 Memory Corruption API
- [4a12cb1022ba335ce087dcfe31b261355524b3bf - v8/v8 - Git at Google](https://chromium.googlesource.com/v8/v8/+/4a12cb1022ba335ce087dcfe31b261355524b3bf)
- [KITCTFCTF 2022 V8 Heap Sandbox Escape](https://ju256.rip/posts/kitctfctf22-date/#v8s-memory-corruption-api)
- V8 Sandbox Escape Technique
- [Dice CTF Memory Hole: Breaking V8 Heap Sandbox](https://mem2019.github.io/jekyll/update/2022/02/06/DiceCTF-Memory-Hole.html)
- You can use this one!
- [V8 Sandbox escape/bypass/violation and VR collection](https://github.com/xv0nfers/V8-sbx-bypass-collection)
- Real-time update V8 Sandbox escape collection!
Reference in New Issue View Git Blame Copy Permalink