j j
- Flattered that someone did a writeup for the 2nd hole exploitation technique I used for my CVE-2023-2033 exploit (Korean). Shoutout to the author "Rotiple_" cwresearchlab.co.kr/entry/Chrome-v…
- Exploit and mini writeup for CVE-2025-5419.
- My writeup for CVE-2024-7971. Just a POC. Let me know if u have any questions.
- In light of the issue page for CVE-2024-5274 being made public, me and @buptsb have decided to make our exploit public. It's a bit different than the issue page POC.
- Exploit for CVE-2022-4262. Fukin finally! Shoutout to @_clem1 for finding the ITW exploit. And shoutout to @5aelo, @bjrjk, @alisaesage for their RCAs and prior analysis of the vuln :).
- CVE-2022-2200 added to the chain. Full chain complete RCE + SBX :-). Shout out to @_manfp, @hosselot and the good folks at @thezdi !!! github.com/mistymntncop/C…
- "WebAssembly Is All You Need: Exploiting Chrome and the V8 Sandbox 10+ times with WASM" by @0x10n. Worth a watch :)
- My recreation of the ITW exploit for CVE-2023-3079. Has a bit of an explanation of the vuln in the comments. Uses the same hole technique as CVE-2023-2033. #V8
- My DM with the North Korean threat actor "Paul". He had figured out CVE-2023-2033 (which was closed at the time) based on the report for similar issue 1433211. He was interested in a new technique for exploiting the hole.
- Holy cow! New debugger just dropped 👀!
- github.com/mistymntncop/C… Finally figured out how to exploit CVE-2023-2033 using the "new" (patched) hole technique. Ended up being a typer bypass (also, patched).



