#!/bin/bash ## Derped together by Raphael de la Vienne A.K.A. Hackdwerg # Original exploit https://www.rapid7.com/db/modules/exploit/linux/http/dlink_dir850l_unauth_exec # Just in case you don't have metasploit, or are too lazy to install it. here is
<!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1355 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: =============================================
<!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1354 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: =============================================
<!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1353 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: =============================================
<!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1351 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: =============================================
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1350 There is an out-of-bounds read security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: =========================================
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1349 There is an out-of-bounds read security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: =========================================
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1348 There is an out-of-bounds read security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: =========================================
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1347 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. Note that accessibility features need to be enabled
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1346 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: ==============================================
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1345 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: ==============================================
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1344 There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC: ==============================================
Overview: During an evaluation of the Vonage home phone router, it was identified that the loginUsername and loginPassword parameters were vulnerable to a buffer overflow. This overflow caused the router to crash and reboot. Further analysis will be p
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1361 We have discovered that the nt!NtQueryDirectoryFile system call discloses portions of uninitialized pool memory to user-mode clients on Windows 10, due to uninitialized fields
Microsoft Edge: Chakra: JIT: Bailouts must be generated for OP_Memset CVE-2017-11873 function opt(a, b, v) { if (b.length < 1) return; for (let i = 0; i < a.length; i++) a[i] = v; b[0] = 2.3023e-320; } The above JavaScript code is JITed as follows: ... CHEC
Microsoft Edge: Chakra: JIT: Incorrect integer overflow check in Lowerer::LowerBoundCheck CVE-2017-11861 Here's a snippet of the method. void Lowerer::LowerBoundCheck(IR::Instr *const instr) { ... if(rightOpnd->IsIntConstOpnd()) { IntConstType newOffset
Microsoft Edge: Chakra: JIT: Type confusion with switch statements CVE-2017-11811 Let's start with a switch statement and its IR code for JIT. JS: for (let i = 0; i < 100; i++) { switch (i) { case 2: case 4: case 6: case 8: case 10: case 12: case 14: cas