Back to directory

WRITEUP #186

Evernote RCE: From PDF.js font-injection to All-platform Electron exposed ipcRenderer with listened BrokerBridge Remote-Code Execution

RCEXSSElectronThick client

by@retr0reg(Patrick Peng)

Program

Evernote

Published

Jul 10, 2024

Added to HackDex

Jul 15, 2024

Read Full Writeuphttps://0reg.dev/blog/evernote-rce

▸ RELATED WRITEUPS

From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

RCEConfusion attack

Studying 0days: How we hacked Anki, the world's most popular flashcard app

RCEComponents with known vulnerabilities

We hacked Anki - 0 day exploit from studying someone elses flashcards

RCEComponents with known vulnerabilities

Universal Code Execution by Chaining Messages in Browser Extensions

XSSUniversal XSS

Built with ❤️ by Shubham Rawat