2019-06-02

[public] 46.1K views, 1.72K likes, 8.00 dislikes audio only

LiveOverflow

Part 2: Let's have a look at how JavaScriptCore implements JavaScript Objects and values like integers and floats. We can use lldb to look into the memory.

Phrack: http://phrack.org/papers/attacking_javascript_engines.html

The Linus: https://twitter.com/linushenze

The Exploit: https://github.com/LinusHenze/WebKit-RegEx-Exploit

The Fix: https://bugs.webkit.org/show_bug.cgi?id=191731

-=[ 🕴️Advertisement ]=-

This video is supported by SSD Secure Disclosure: https://ssd-disclosure.com/

Offensive Security Conference TyphoonCon (10th - 14th June 2019): https://typhooncon.com/

-=[ 🔴 Stuff I use ]=-

→ Microphone:* https://geni.us/ntg3b

→ Graphics tablet:* https://geni.us/wacom-intuos

→ Camera#1 for streaming:* https://geni.us/sony-camera

→ Lens for streaming:* https://geni.us/sony-lense

→ Connect Camera#1 to PC:* https://geni.us/cam-link

→ Keyboard:* https://geni.us/mech-keyboard

→ Old Microphone:* https://geni.us/mic-at2020usb

US Store Front:* https://www.amazon.com/shop/liveoverflow

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow

→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/

→ Website: https://liveoverflow.com/

→ Subreddit: https://www.reddit.com/r/LiveOverflow/

→ Facebook: https://www.facebook.com/LiveOverflow/

-=[ 📄 P.S. ]=-

All links with "*" are affiliate links.

LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.

#BrowserExploitation