Vulnerability Research

The hunt for Chromium issue 1072171

29 May 2020 ~29 min By Javier Jimenez
Browser Chrome Exploit Development Vulnerability Research 0day V8 Vulnerability
The last few months I’ve been studying Chrome’s v8 internals and exploits with the focus of finding a type confusion bug. The good news is that I found one, so the fuzzing and analysis efforts didn’t go to waste. The bad news is that I can reliably trigger the vulnerability but I haven’t found a way to weaponise it yet. If you don’t have prior knowledge of v8, I encourage…

The power of variant analysis (Semmle QL) CVE-2019-15937 and CVE-2019-15938

28 October 2019 ~9 min By Hector Cuesta
Cve Exploit Variant Analysis Vulnerability Research Code Analysis Cve-2019-15937 Cve-2019-15938 Ql Semmle Vulnerability
This post will try to do a small introduction to the QL language using real-world vulnerabilities that I found in the past, and it will end with a small challenge using QL. A few months ago, I heard of Semmle QL for the first time, what they do is perform multiple code analysis techniques against source code, and dump these results into a database. Then using the QL language, you…