CVE-2017-0038-EXP-C-JS
详细漏洞分析和Exploit编写过程已经发表在安全客上: http://bobao.360.cn/learning/detail/3644.html
C Exploit中,少一个printf打印最后的color数组,可以自行添加,也可直接用debug调试观察内存泄露
JS Exploit已经更新一个可以直接打印bitmap的版本
Use Git or checkout with SVN using the web URL.
Work fast with our official CLI. Learn more about the CLI.
Please sign in to use Codespaces.
If nothing happens, download GitHub Desktop and try again.
If nothing happens, download GitHub Desktop and try again.
If nothing happens, download Xcode and try again.
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
详细漏洞分析和Exploit编写过程已经发表在安全客上: http://bobao.360.cn/learning/detail/3644.html
C Exploit中,少一个printf打印最后的color数组,可以自行添加,也可直接用debug调试观察内存泄露
JS Exploit已经更新一个可以直接打印bitmap的版本