CodeColorist

  1. Home
  3. Posts Page 1
  • Bot per lo status del permesso di soggiorno

    Bot per lo status del permesso di soggiorno

    Trucco della vita

    2025-05-26

  • Mistuned Part 3: PAC Bypass

    Mistuned Part 3: PAC Bypass

    Bypass hardware assisted mitigation using Objective-C runtime.

    2021-09-10

  • Mistuned Part 2: Butterfly Effect

    Mistuned Part 2: Butterfly Effect

    A simple access control issue makes a huge difference, leading to infoleak and use after free.

    2021-08-05

  • Mistuned Part 1: Client-side XSS to Calculator and More

    Mistuned Part 1: Client-side XSS to Calculator and More

    Remotely pwn iOS and pop up arbitrary app with 0 memory corruption.

    2021-08-04

  • Quick Analysis for the SSID Format String Bug

    Quick Analysis for the SSID Format String Bug

    A rogue Wi-Fi hotspot can crash your phone.

    2021-06-20

  • See No Eval: Runtime Dynamic Code Execution in Objective-C

    See No Eval: Runtime Dynamic Code Execution in Objective-C

    There is a turing-complete querying language embeded in Objective-C hidden in plain sight.

    2021-01-16

  • X Site eScape (Part II): Look Up a Shell in the Dictionary

    X Site eScape (Part II): Look Up a Shell in the Dictionary

    A funny bug chain turing inter-process XSS to native code execution for sandbox escape.

    2020-08-06

  • X Site eScape (Part III): CVE-2020-9860, A Copycat

    X Site eScape (Part III): CVE-2020-9860, A Copycat

    Copycat.

    2020-07-01

  • X Site eScape (Part I): Exploitation of An Old CoreFoundation Sandbox Bug

    X Site eScape (Part I): Exploitation of An Old CoreFoundation Sandbox Bug

    Triggering inter-process XSS for fun and profit.

    2020-05-28

  1. 1
  2. 2
  3. 3

© 2025 CodeColorist. All rights reserved.

  • GitHub
  • Mastodon