👩💻 Join our community of thousands of amazing developers!
Last weekend we have participated TCTF 2021 Final and got 2nd place! Congratulation! I solved 3 challenges: Secure JIT 2, Promise and krop. Among these, I think Promise is quite worthy to do a full writeup. 0x00 Overview In this challenge, we need to exploit quickjs engine, which is a lightweight JavaScript engine, and this is actually my first time to exploit this engine. The vulnerability we need to exploit is that when variable is copied to promise result, the reference counter is not increme...