awakened1712 / CVE-2019-11932

Simple POC for exploiting WhatsApp double-free bug in DDGifSlurp in decoding.c in libpl_droidsonroids_gif
https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/

How to replace system and victim's address and where? What will it do? #3

Closed jsn-OO7 closed 4 years ago

awakened1712 commented 4 years ago

As I mentioned in the blog post, this has to be chained with a memory info disclosure.

For the PoC, you need to use my simple app in the repo to find those addresses. This app acts like one that is vulnerable to mem info disclosure.