Replies: 1 comment
-
|
Google Project Zero 团队的博客有很多精彩案例。 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
只要发送链接就能让目标中招,无须目标打开链接,此为 zero-click exploit。
这个 2021 年 iMessage zero-click exploit 案例。在溢出的内存空间上基于逻辑门电路构建简易计算机系统从而运行渗透脚本,而这一切都在一张 GIF 图片里完成。恐怖如斯。
原文 (链接备份)
译文 (链接备份)
当然这个漏洞已修复,详见 CVE-2021-30860。
Beta Was this translation helpful? Give feedback.
All reactions