Back to directory
WRITEUP #233

Exploiting Steam: Usual and Unusual Ways in the CEF Framework

RCEBrowser hackingThick clientOS command injectionArbitrary file readArbitrary file creationComponents with known vulnerabilities
by@DarkNavyOrg(DARKNAVY)
Program
Valve (Steam)Google (Chromium)
Published
Jun 27, 2024
Added to HackDex
Jul 15, 2024
Read Full Writeuphttps://www.darknavy.org/blog/exploiting_steam_usual_and_unusual_ways_in_the_cef_framework/
RELATED WRITEUPS
Studying 0days: How we hacked Anki, the world's most popular flashcard app
RCEComponents with known vulnerabilities
We hacked Anki - 0 day exploit from studying someone elses flashcards
RCEComponents with known vulnerabilities
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
Analysis of CVE-2024-43044 — From file read to RCE in Jenkins through agents
RCEArbitrary file read
How I got $24000 Bounty from a Log4j RCE in Apple App Store.
RCEComponents with known vulnerabilities

Built with ❤️ by Shubham Rawat