Credit: Grant Thompson & Daven Morris
There is a famous quote that some people in our community yell at exploit developers after they have spent three weeks on an exploit: ‘JUST FIND A BETTER BUG’. Exploiting this issue required no heap manipulation, or even an understanding of what a CPU or a buffer is. And it reminded us all: 100% reliability and ease of exploitation are usually found in logic bugs.
Don’t look up how old Grant Thompson was when he found this. It’ll make you insecure.