├── Release └── vuln_javascript.exe ├── baselib_string.cpp ├── baselib_string.h ├── disable_warning.h ├── global_setting.h ├── javascript_array.cpp ├── javascript_array.h ├── javascript_base.h ├── javascript_element.cpp ├── javascript_element.h ├── javascript_envirment.cpp ├── javascript_envirment.h ├── javascript_function.cpp ├── javascript_function.h ├── javascript_syntax.cpp ├── javascript_syntax.h ├── javascript_variant.cpp ├── javascript_variant.h ├── main.cpp ├── pic ├── base_string_in_heap.png ├── base_string_in_heap_detail.png ├── buffer.png ├── buffer_in_memory.png ├── example_using_console_mode.png ├── example_using_run_file.png ├── heap_alloc1.png ├── heap_alloc2.png ├── heap_alloc3.png ├── heap_alloc_and_free.png ├── read_out_of_bound_execute.png ├── read_out_of_bound_memcpy.png ├── read_out_of_bound_memcpy_exploit.png ├── read_out_of_bound_memcpy_read_data.png ├── read_out_of_bound_memcpy_read_data_output.png ├── read_out_of_bound_object.png ├── read_out_of_bound_output.png ├── read_out_of_bound_read_object_output.png ├── read_out_of_bound_read_object_virtual_table.png ├── read_write_out_of_buffer1.png ├── two_string_in_heap.png ├── uaf_data_change1.png ├── uaf_data_change2.png ├── uaf_data_change3.png ├── vuln_javascript_logo.jpg ├── write_out_of_bound_build_virtual_table.png ├── write_out_of_bound_exploit.png ├── write_out_of_bound_exploit_array_detail1.png ├── write_out_of_bound_exploit_array_detail2.png ├── write_out_of_bound_exploit_array_detail3.png ├── write_out_of_bound_read_build_virtual_table_data_address.png ├── write_out_of_bound_read_shellcode.png ├── write_out_of_bound_rewrite_exploit_array_virtual_table_after.png └── write_out_of_bound_rewrite_exploit_array_virtual_table_before.png ├── readme.md ├── vuln_javascript.dsp ├── vuln_javascript.dsw ├── vuln_javascript.ncb └── vuln_javascript.opt /Release/vuln_javascript.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/Release/vuln_javascript.exe -------------------------------------------------------------------------------- /baselib_string.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/baselib_string.cpp -------------------------------------------------------------------------------- /baselib_string.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/baselib_string.h -------------------------------------------------------------------------------- /disable_warning.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/disable_warning.h -------------------------------------------------------------------------------- /global_setting.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/global_setting.h -------------------------------------------------------------------------------- /javascript_array.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_array.cpp -------------------------------------------------------------------------------- /javascript_array.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_array.h -------------------------------------------------------------------------------- /javascript_base.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_base.h -------------------------------------------------------------------------------- /javascript_element.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_element.cpp -------------------------------------------------------------------------------- /javascript_element.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_element.h -------------------------------------------------------------------------------- /javascript_envirment.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_envirment.cpp -------------------------------------------------------------------------------- /javascript_envirment.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_envirment.h -------------------------------------------------------------------------------- /javascript_function.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_function.cpp -------------------------------------------------------------------------------- /javascript_function.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_function.h -------------------------------------------------------------------------------- /javascript_syntax.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_syntax.cpp -------------------------------------------------------------------------------- /javascript_syntax.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_syntax.h -------------------------------------------------------------------------------- /javascript_variant.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_variant.cpp -------------------------------------------------------------------------------- /javascript_variant.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/javascript_variant.h -------------------------------------------------------------------------------- /main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/main.cpp -------------------------------------------------------------------------------- /pic/base_string_in_heap.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/base_string_in_heap.png -------------------------------------------------------------------------------- /pic/base_string_in_heap_detail.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/base_string_in_heap_detail.png -------------------------------------------------------------------------------- /pic/buffer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/buffer.png -------------------------------------------------------------------------------- /pic/buffer_in_memory.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/buffer_in_memory.png -------------------------------------------------------------------------------- /pic/example_using_console_mode.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/example_using_console_mode.png -------------------------------------------------------------------------------- /pic/example_using_run_file.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/example_using_run_file.png -------------------------------------------------------------------------------- /pic/heap_alloc1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/heap_alloc1.png -------------------------------------------------------------------------------- /pic/heap_alloc2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/heap_alloc2.png -------------------------------------------------------------------------------- /pic/heap_alloc3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/heap_alloc3.png -------------------------------------------------------------------------------- /pic/heap_alloc_and_free.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/heap_alloc_and_free.png -------------------------------------------------------------------------------- /pic/read_out_of_bound_execute.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/read_out_of_bound_execute.png -------------------------------------------------------------------------------- /pic/read_out_of_bound_memcpy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/read_out_of_bound_memcpy.png -------------------------------------------------------------------------------- /pic/read_out_of_bound_memcpy_exploit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/read_out_of_bound_memcpy_exploit.png -------------------------------------------------------------------------------- /pic/read_out_of_bound_memcpy_read_data.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/read_out_of_bound_memcpy_read_data.png -------------------------------------------------------------------------------- /pic/read_out_of_bound_memcpy_read_data_output.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/read_out_of_bound_memcpy_read_data_output.png -------------------------------------------------------------------------------- /pic/read_out_of_bound_object.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/read_out_of_bound_object.png -------------------------------------------------------------------------------- /pic/read_out_of_bound_output.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/read_out_of_bound_output.png -------------------------------------------------------------------------------- /pic/read_out_of_bound_read_object_output.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/read_out_of_bound_read_object_output.png -------------------------------------------------------------------------------- /pic/read_out_of_bound_read_object_virtual_table.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/read_out_of_bound_read_object_virtual_table.png -------------------------------------------------------------------------------- /pic/read_write_out_of_buffer1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/read_write_out_of_buffer1.png -------------------------------------------------------------------------------- /pic/two_string_in_heap.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/two_string_in_heap.png -------------------------------------------------------------------------------- /pic/uaf_data_change1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/uaf_data_change1.png -------------------------------------------------------------------------------- /pic/uaf_data_change2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/uaf_data_change2.png -------------------------------------------------------------------------------- /pic/uaf_data_change3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/uaf_data_change3.png -------------------------------------------------------------------------------- /pic/vuln_javascript_logo.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/vuln_javascript_logo.jpg -------------------------------------------------------------------------------- /pic/write_out_of_bound_build_virtual_table.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/write_out_of_bound_build_virtual_table.png -------------------------------------------------------------------------------- /pic/write_out_of_bound_exploit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/write_out_of_bound_exploit.png -------------------------------------------------------------------------------- /pic/write_out_of_bound_exploit_array_detail1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/write_out_of_bound_exploit_array_detail1.png -------------------------------------------------------------------------------- /pic/write_out_of_bound_exploit_array_detail2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/write_out_of_bound_exploit_array_detail2.png -------------------------------------------------------------------------------- /pic/write_out_of_bound_exploit_array_detail3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/write_out_of_bound_exploit_array_detail3.png -------------------------------------------------------------------------------- /pic/write_out_of_bound_read_build_virtual_table_data_address.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/write_out_of_bound_read_build_virtual_table_data_address.png -------------------------------------------------------------------------------- /pic/write_out_of_bound_read_shellcode.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/write_out_of_bound_read_shellcode.png -------------------------------------------------------------------------------- /pic/write_out_of_bound_rewrite_exploit_array_virtual_table_after.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/write_out_of_bound_rewrite_exploit_array_virtual_table_after.png -------------------------------------------------------------------------------- /pic/write_out_of_bound_rewrite_exploit_array_virtual_table_before.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/pic/write_out_of_bound_rewrite_exploit_array_virtual_table_before.png -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/readme.md -------------------------------------------------------------------------------- /vuln_javascript.dsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/vuln_javascript.dsp -------------------------------------------------------------------------------- /vuln_javascript.dsw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/vuln_javascript.dsw -------------------------------------------------------------------------------- /vuln_javascript.ncb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/vuln_javascript.ncb -------------------------------------------------------------------------------- /vuln_javascript.opt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lcatro/vuln_javascript/HEAD/vuln_javascript.opt --------------------------------------------------------------------------------