This video is an explanation of double-free vulnerability that allowed the attacker prepare a malicious GIF image that could execute remote commands on victim’s smartphone in WhatsApp’s context.


Reporter’s website:

Create you own malicious GIF:

Follow me on twitter:

00:00 Intro
00:26​ GIF file structure
02:21​ Double-free bug
05:47​ How to achieve RCE?
07:26​ Building the exploit

#rce #WhatsApp #double-free

Add comment

Your email address will not be published. Required fields are marked *