This video is an explanation of double-free vulnerability that allowed the attacker prepare a malicious GIF image that could execute remote commands on victim’s smartphone in WhatsApp’s context.
Report:
https://awakened1712.github.io/hacking/hacking-whatsapp-gif-rce/
Reporter’s website:
https://awakened1712.github.io/
Create you own malicious GIF:
https://github.com/awakened1712/CVE-2019-11932
Follow me on twitter:
https://twitter.com/gregxsunday
Timestamps:
00:00 Intro
00:26 GIF file structure
02:21 Double-free bug
05:47 How to achieve RCE?
07:26 Building the exploit
#rce #WhatsApp #double-free
Add comment