Rui Carlos
Posted December 16, 2021 at 05:50 PM

Simply brutal, the way they turned the code that decodes JBIG2 images into a Turing-complete interpreter!

Quote:
[...] Practical circuits
JBIG2 doesn't have scripting capabilities, but when combined with a vulnerability, it does have the ability to emulate circuits of arbitrary logic gates operating on arbitrary memory. So why not just use that to build your own computer architecture and script that!? That's exactly what this exploit does. Using over 70,000 segment commands defining logical bit operations, they define a small computer architecture with features such as registers and a full 64-bit adder and comparator which they use to search memory and perform arithmetic operations. It's not as fast as Javascript, but it's fundamentally computationally equivalent. The bootstrapping operations for the sandbox escape exploit are written to run on this logic circuit and the whole thing runs in this weird, emulated environment created out of a single decompression pass through a JBIG2 stream. It's pretty incredible, and at the same time, pretty terrifying. [...]
From: https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html

Rui Carlos Gonçalves
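As an added illustration of the "circuits out of composition operators" idea in the quoted passage (this is not code from the Project Zero write-up, from the exploit itself, or from this post): a JBIG2 decoder composes region bitmaps onto a page with the combination operators OR, AND, XOR, XNOR and REPLACE. If a bug lets those regions land on arbitrary memory, every composition segment becomes a vectorised logic gate, and a list of segments becomes a circuit. The toy below assumes a flat bit-array "page", a made-up segment encoding (op, src, dst, width) and a fixed layout of 64-bit "registers" on that page; it builds a ripple-carry adder, an unsigned less-than comparator and an equality test purely as segment lists and then runs each through a single decoding pass. Real JBIG2 segment syntax, region placement and the memory layout of the actual exploit are different.

```python
"""Toy 'segment machine' in the spirit of the JBIG2 trick described above.

Assumed (constructed) model: the page is a flat list of bits; a segment is
(op, src, dst, width) meaning page[dst+i] = page[dst+i] OP page[src+i] for
i in range(width). Nothing here is the real JBIG2 wire format.
"""
from typing import List, Tuple

# The five JBIG2 combination operators (spec order), used here as gates.
OR, AND, XOR, XNOR, REPLACE = range(5)
Segment = Tuple[int, int, int, int]           # (op, src, dst, width)

W = 64                                        # word size of the toy machine
# Page layout (constructed): seven 64-bit "registers", a 65-bit carry chain, a flag.
A, B, S, NB, T1, T2, ONES = (k * W for k in range(7))
CARRY = 7 * W                                 # W + 1 bits: carry-in .. carry-out
FLAG = CARRY + W + 1                          # 1-bit comparator result
PAGE_BITS = FLAG + 1


def run(page: List[int], program: List[Segment]) -> None:
    """One 'decoding pass': apply every composition segment in order, in place."""
    for op, src, dst, width in program:
        for i in range(width):
            s, d = page[src + i], page[dst + i]
            if op == OR:
                page[dst + i] = d | s
            elif op == AND:
                page[dst + i] = d & s
            elif op == XOR:
                page[dst + i] = d ^ s
            elif op == XNOR:
                page[dst + i] = 1 - (d ^ s)
            else:                             # REPLACE
                page[dst + i] = s


def store(page: List[int], base: int, value: int, width: int = W) -> None:
    for i in range(width):                    # LSB first
        page[base + i] = (value >> i) & 1


def load(page: List[int], base: int, width: int = W) -> int:
    return sum(page[base + i] << i for i in range(width))


def adder(a: int, b: int, s: int, carry: int) -> List[Segment]:
    """Ripple-carry adder s = a + b + carry[0] (mod 2**W), nine segments per bit:
       sum_i   = a_i ^ b_i ^ c_i
       c_{i+1} = (a_i & b_i) | (c_i & (a_i ^ b_i))
    carry[W] receives the carry-out."""
    prog: List[Segment] = []
    for i in range(W):
        ai, bi, si, ci, t1, t2 = a + i, b + i, s + i, carry + i, T1 + i, T2 + i
        prog += [
            (REPLACE, ai, t1, 1), (XOR, bi, t1, 1),          # t1 = a ^ b
            (REPLACE, t1, si, 1), (XOR, ci, si, 1),          # s  = t1 ^ c
            (REPLACE, ai, t2, 1), (AND, bi, t2, 1),          # t2 = a & b
            (REPLACE, t1, ci + 1, 1), (AND, ci, ci + 1, 1),  # c' = t1 & c
            (OR, t2, ci + 1, 1),                             # c' |= t2
        ]
    return prog


def fresh_page(a: int, b: int) -> List[int]:
    page = [0] * PAGE_BITS
    store(page, A, a)
    store(page, B, b)
    store(page, ONES, (1 << W) - 1)           # all-ones constant: NOT = XOR with it
    return page


def add(a: int, b: int) -> int:
    page = fresh_page(a, b)                   # CARRY[0] is 0: no carry-in
    run(page, adder(A, B, S, CARRY))
    return load(page, S)


def less_than(a: int, b: int) -> bool:
    """Unsigned a < b: compute a + ~b + 1; the carry-out is 0 iff a < b."""
    page = fresh_page(a, b)
    prog: List[Segment] = [
        (REPLACE, B, NB, W), (XOR, ONES, NB, W),   # NB = ~B
        (REPLACE, ONES, CARRY, 1),                 # carry-in = 1
    ]
    prog += adder(A, NB, S, CARRY)
    prog += [(REPLACE, CARRY + W, FLAG, 1), (XOR, ONES, FLAG, 1)]  # FLAG = !carry_out
    run(page, prog)
    return bool(page[FLAG])


def equal(a: int, b: int) -> bool:
    """a == b: bitwise XNOR, then an AND-reduction tree built from wide segments."""
    page = fresh_page(a, b)
    prog: List[Segment] = [(REPLACE, A, T1, W), (XNOR, B, T1, W)]
    half = W // 2
    while half:                               # fold the upper half onto the lower half
        prog.append((AND, T1 + half, T1, half))
        half //= 2
    prog.append((REPLACE, T1, FLAG, 1))
    run(page, prog)
    return bool(page[FLAG])


if __name__ == "__main__":
    print(add(0xFFFFFFFFFFFFFFFF, 1), less_than(3, 5), equal(7, 7))
    print(len(adder(A, B, S, CARRY)), "segments for one 64-bit addition")
```

Nine single-bit segments per bit gives 576 segments for one 64-bit addition, so the "over 70,000" figure in the quoted text is plausible for a whole bootstrapping program (memory searches, comparisons, address arithmetic) assembled from primitives of this size. The real decoder composes rectangular regions of a two-dimensional bitmap and its segment headers carry far more than these four fields, but the computational point is the same: a fixed sequence of region compositions, decoded once, is a circuit, and a circuit with enough width is a computer.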
thoga31
Posted December 16, 2021 at 08:47 PM

Extremely interesting! Thanks for sharing, 5 stars.

Knowledge is free!