35th Chaos Communication Congress

From Zero to Zero Day
12-29, 11:30–12:30 (Europe/Berlin), Clarke
Language: English

In this talk I will share my story of how in a little over a year, a high school student with almost zero knowledge in security research found his first RCE in Edge.
After starting my BSc in CS and Math I picked up a new hobby: solving coding challenges. The next logical step was to try harder challenges, which led me to participate in CTF competitions. During these CTFs I found that I'm fascinated by vulnerabilities: finding mistakes, or things that developers failed to think through. This is how I started going down the rabbit hole.

Fast forward a year, and I found my first 0-day, a critical RCE in Edge. To understand it, we will review the recent trend of JIT type confusion vulnerabilities in ChakraCore. I will talk about the vulnerability I found, explain how I discovered it, and show similar vulnerabilities recently found by other researchers. Finally, I will demo a working exploit of this vulnerability.

This session could be helpful both for people interested in getting into the security field, and for experienced security researchers who want to learn more about browser vulnerabilities and exploitation.