Vulnerabilities (Page 4)

mast1c0re Part 2 - Compiler Attack

Multiple vulnerabilities that were found in the PS2 JIT emulator’s compiler process in PS4/PS5.The previous mast1c0re post we covered on episode #188 covered vulns and exploitation of the application process, which didn’t have direct JIT capability…


The curl quirk that exposed Burp Suite and Google Chrome

When using curl, if the --data-raw argument starts with a @ it will be treated as a filename and the file itself will be included as the data of the request. This sort of bug would be hard to exploit in the context of Burp and Chrome, requiring a victim to “Copy as cURL” a malicious request in the first place, and then run it…


Attacking Android Antivirus Applications

A fairly classic mobile issue, the McAfee Security: Antivirus VPN is a highly privileged app and it exports a fairly generic MainActivity.The MainActivity is rather dynamic in terms of what type content it’ll load, basically acting as a wrapper to load whatever the real intent was…