Fuzzing Sudo (Part I): From NSS to Heap Overflow — Linking CVE-2025-4802 with Baron Samedit (CVE-2021-3156)

Posted on 4 days ago

A journey for bug hunting in Linux binary fuzzing

House of Muney

Posted on 2025-05-15

Steal memory from libc to hijack symbol resolution logic for RCE

Posted on 2025-04-21

Make “Format String Vulnerability” great again

Posted on 2025-04-14

Attack on Tcache Structures for Heap Exploitation in Modern Glibc

Posted on 2024-10-21

Hijack execution flow by abusing _rtld_global in ld.so

Posted on 2024-10-12

Defeat the pointer guard and hijack execution flow.

Posted on 2024-10-10

A systme error message leading to shell

Posted on 2024-09-18

ORW ROP chain with magic gadgets to pwn a Sandbox

Posted on 2024-08-31

LargeBin Attack is the future for heap exploitation.

Posted on 2024-06-15

Safe-linking is a mitigation but also a weapon in some cases.