theori-io/chakra-2016-11

Stars
139
Rank 261,514 (Top 6 %)
Language
HTML
License
MIT License
Created over 7 years ago
Updated over 7 years ago

theori-io/chakra-2016-11

theori-io

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201)

chakra.dll Info Leak + Type Confusion for RCE

Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201)

Tested on Windows 10 Edge (modern.ie stable).

FillFromPrototypes_TypeConfusion.html: WinExec notepad.exe

FillFromPrototypes_TypeConfusion_NoSC.html: 0xcc (INT 3)

To run

Download exploit/FillFromPrototypes_TypeConfusion.html to a directory.
Serve the directory using a webserver (or python's simple HTTP server).
Browse with a victim IE to FillFromPrototypes_TypeConfusion.html.

pwnjs

A Javascript library for browser exploitation

nrsc5

NRSC-5 receiver for rtl-sdr

CVE-2022-32250-exploit

zer0con2018_bpak

Code and slides for Zer0Con 2018 talk: Building a 1-day Exploit for Google Chrome

zer0con2018_singi

cve-2016-0189

Proof-of-Concept exploit for CVE-2016-0189 (VBScript Memory Corruption in IE11)

ctf

writeup from some ctfs

CVE-2022-26717-Safari-WebGL-Exploit

jscript9-typedarray

Proof-of-Concept exploit for jscript9 bug (MS16-063)

jscript9-typedarray-cfg

Proof-of-Concept exploit for jscript9 bug (MS16-063) with CFG Bypass

kr-crypto

Implementation of Korean Block Ciphers: NEAT and NES

v8-sbx-bypass-wasm

POC2019-BAOBAB

OpenTRS

Open Theori Research Seminar

SpeedHack-POC2017

Official write-up for Speed Hack event at POC2017

SSTF2019

Samsung Security Tech Forum (SSTF) 2019 Keynote (Korean)

web3-publications

Collection of Web3 Audits and Publications by ChainLight of Theori

django-entity-rbac

✨ Django Entity-Relationship-Based Access Control ✨

SpeedHack-POC2019

public-scripts

Handy scripts for pentesting (PUBLIC)

bevxcon_slides

aws-terraform-boost

AWS Proxy designed for performance boost of terraform plan

theori-io.github.io