Ad End 1 May 2026
Ad End 4 April 2026
ad End 17 June 2026
ad End 25 April 2026
banner Expire 25 April 2025
adv exp at 20 April 2026
banner Expire 25 April 2025
banner Expire 23 June 2026
banner Expire 3 July 2026
Ads end 31 October 2026
Menu
What's new
By:
Filters
Luki Crown
Ads end 31 October 2026
Wizard's shop 2.0
banner Expire 10 May 2026
best shop
best shop

Chrome 72.0.3626.119 filereader use

Dark_Code_x

Dark_Code_x

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 28, 2020
Messages
6,868
Reaction score
742
Points
212
Awards
2
  • Somebody Likes you
  • First post



This exploit takes advantage of a use after free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling ArrayBuffer reference can be used to access the sprayed objects, allowing arbitrary memory access from Javascript.

This is used to write and execute shellcode in a WebAssembly object. The shellcode is executed within the Chrome sandbox, so you must explicitly disable the sandbox for the payload to be successful.

MD5 | 1845174659a656cb293c5dd2f17fe75c
 
You must log in or register to reply here.
Ad End 1 November 2024
Top