Quote:
Originally Posted by tryol
I'm not sure what I'd write about because Yogev Bar-On's Medium post in the OP already explains how the exploit works. It only took this long to make because of my inexperience.
75% of the time I've spent on making this was basically studying stuff I didn't know. I had to learn IDA and Ghidra to reverse engineer the binaries/libraries. I had to deepen my knowledge of memory management. I also learned how to write shellcode for different CPUs, how ELF files work, etc.
The other 25% was spent on reproducing what Yogev documented, and figuring out some of the details in the places where they - probably intentionally - left some things out.
I had a feeling that the researchers left some details out of the article, probably at Amazon's request.
I know how long it takes to just do one part of what you did (the reversing/IDA part, especially if you don't know which version of the libs to reverse). But you took the time to learn about reverse engineering, ELF files, writing shellcode, and the overall JPEG XR reference code. Major props.
Appreciate all the time and effort you put into this.