2
edits
Changes
Jump to navigation
Jump to search
Line 188:
Line 188: + + + + + +
→PPC userland
| None
| None
| [[User:Jam1garner|jam1garner]]
| [[User:Jam1garner|jam1garner]]
|-
| DKCTF-Save-Exploit
| Donkey Kong Country Tropical Freeze is vulnerable to a save exploit based around a crafted game save. The vulnerability is located in how achievemets are stored. The save contains a count for the number of items to read into a set length buffer located on the stack. Increasing this count past the length of this buffer writes directly to stack which can be used to immediately gain ROP. Proof of concept can be found [https://github.com/Kinnay/DKCTF-Save-Exploit Here]
| ROP under Donkey Kong Country Tropical Freeze
| None
| [[User:Kinnay|Kinnay]]
|}
|}