tags: messenger, webrtc, signal, android, iOS, learning_resource
original link: You Can’t Spell WebRTC without RCE: Part 2
newsletter link: exploits.club Weekly Newsletter 33 - CPU Vulns, Breaking Samsung Bootloaders, Tony Hawk Pro Skater, And More
Exploits Club Summary:
Margin Research returns with part 2 of the Signal security research blog series they started last month. The new entry in the series builds on the previous one, taking the N-day vulnerability and walking through how we might go about exploiting it. The post goes in-depth on how we can chain a handful of leaks together to obtain addresses we will need to break ASLR and continue with exploitation. The post also touches on the limitations of the emulator, as the memory layout is not fully representative of a physical device. As such, the team pivots to Corellium before explaining how a ROP chain can be built to obtain RCE.
backlinks: You Can’t Spell WebRTC without RCE - Part 1