Fuzzing Sudo (Part I): From NSS to Heap Overflow — Linking CVE-2025-4802 with Baron Samedit (CVE-2021-3156)

Posted on 4 days ago

A journey for bug hunting in Linux binary fuzzing

House of Muney

Posted on 2025-05-15

Steal memory from libc to hijack symbol resolution logic for RCE

Posted on 2025-05-04

Hijack from the inside—abuse internal GOT/PLT in modern glibc

Posted on 2025-04-21

Make “Format String Vulnerability” great again

Posted on 2025-04-14

Attack on Tcache Structures for Heap Exploitation in Modern Glibc

Posted on 2024-12-16

Exploit the vfork() function call debugging parent/child processes

Posted on 2024-10-21

Hijack execution flow by abusing _rtld_global in ld.so

Posted on 2024-10-12

Defeat the pointer guard and hijack execution flow.

Posted on 2024-10-10

A systme error message leading to shell

Posted on 2024-09-18

ORW ROP chain with magic gadgets to pwn a Sandbox