vuln_wasm

Collection of vulnerable WebAssembly applications, client-side and server-side.

These applications are specifically built to be vulnerable, for the study of WebAssembly security.
In particular, I tried to implement the most common vulnerabilities present in the C language and ported them to WASM applications.

The following vulnerabilities are implemented:

  • Buffer overflow (BOF) client-side, leading to an XSS attack
  • Buffer overflow (BOF) server-side, leading to an RCE attack
  • Format string vulnerability client-side and server-side, leading to arbitrary write and read
  • Redirecting Indirect Calls (ret2win): BOF that allows calling an arbitrary function
  • Use After Free Heap vulnerability, server-side
  • Integer Overflow
  • Arbitrary Array Access