Browser-exploitation

This repo contains exploits for some browser challenges that I solved while learning browser exploitation.

Building jsshell from firefox source

This was originally used to build a jsshell for firefox v91.0b6 on an Ubuntu 21.04 machine, but it should be useful for other cases too with minor changes.

sudo apt update
sudo apt install python-is-python3 python3-pip libpulse-dev rustc cargo clang nodejs libdrm-dev build-essential libgtk-3-dev nasm m4 libdbus-glib-1-dev libxt-dev  libx11-dev libx11-xcb-dev unzip zip tar
cargo install cbindgen

# My machine had libnspr4 v4.25 installed but the build process required v4.32, so manually installed it.
# --with-system-nspr needs the headers from the -dev package as well as the runtime library, so fetch and install both
wget http://ftp.jp.debian.org/debian/pool/main/n/nspr/libnspr4_4.32-1_amd64.deb
wget http://ftp.jp.debian.org/debian/pool/main/n/nspr/libnspr4-dev_4.32-1_amd64.deb
sudo dpkg -i libnspr4_4.32-1_amd64.deb libnspr4-dev_4.32-1_amd64.deb

# Downloading source code
wget https://ftp.mozilla.org/pub/firefox/releases/91.0b6/source/firefox-91.0b6.source.tar.xz
tar xvf firefox-91.0b6.source.tar.xz
cd firefox-91.0

# Applying patch
patch -p1 < ../patch.diff

# Building the image
cp ../mozconfig ./mozconfig
./mach create-mach-environment
./mach build

# Run the shell. The built binary is at ./obj/release/dist/bin/js
./mach run

Contents of mozconfig file:

ac_add_options --with-system-nspr
# use --enable-debug to get a debug build
ac_add_options --disable-debug
mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj/release

# Build only the SpiderMonkey JS test shell
ac_add_options --enable-application=js
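Because the mozconfig above uses --with-system-nspr, the build picks up whatever NSPR the system provides, and the note earlier about 4.25 vs 4.32 is exactly the kind of mismatch that surfaces late in ./mach build. The script below is an added example (not part of this repo) that checks the installed NSPR version via pkg-config before building; it assumes pkg-config is installed and takes the 4.32 minimum from the note above.

```shell
#!/bin/sh
# Added example: pre-flight check for a --with-system-nspr build.
# Assumptions: pkg-config is installed, and the minimum version (4.32) is the
# one the firefox 91 build demanded in the README's note above.

# version_ge A B: exit 0 if dotted numeric version A >= B, else 1.
# Compares component by component so that 4.10 > 4.9 and 4.32.1 > 4.32.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".");
        n = (na > nb) ? na : nb;
        for (i = 1; i <= n; i++) {
            xi = (i <= na) ? x[i] + 0 : 0;
            yi = (i <= nb) ? y[i] + 0 : 0;
            if (xi > yi) exit 0;
            if (xi < yi) exit 1;
        }
        exit 0;
    }'
}

# installed_nspr_version: prints the system NSPR version, or nothing if absent.
installed_nspr_version() {
    pkg-config --modversion nspr 2>/dev/null
}

# check_nspr MIN: 0 if the system NSPR is >= MIN, 1 otherwise (with a message).
check_nspr() {
    min="${1:-4.32}"
    have="$(installed_nspr_version)"
    if [ -z "$have" ]; then
        echo "nspr: not found via pkg-config; install libnspr4-dev >= $min" >&2
        return 1
    fi
    if version_ge "$have" "$min"; then
        echo "nspr $have OK (>= $min)"
        return 0
    fi
    echo "nspr $have is too old; need >= $min (the README installs 4.32-1 from the Debian pool)" >&2
    return 1
}

# Usage: sh nspr-check.sh 4.32   (run before ./mach build)
if [ "$#" -gt 0 ]; then
    check_nspr "$1"
fi
```

Run it with the minimum version the build asks for; a non-zero exit means the libnspr4 / libnspr4-dev step above still has to be done.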

Building v8 and d8

The following setup was done on an Ubuntu 20.04 machine.

cd ~
mkdir v8-bro
cd v8-bro

sudo apt install git
# Fetch depot_tools and install...
git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git
# $PWD is ~/v8-bro at this point; avoid hardcoding /home/<user>
export PATH="$PWD/depot_tools:$PATH"
# Update depot_tools
gclient

# Download v8 source code
fetch v8
cd v8

# Download build dependencies
gclient sync
./build/install-build-deps.sh

# Apply patch, if any.
# Takes 25 - 30 mins on an 8-core, 16 GB machine.
tools/dev/gm.py x64.release
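Both recipes end with a shell binary and no check that it actually works. The script below is an added example (not part of this repo) that smoke-tests a freshly built shell: both the SpiderMonkey js shell and V8's d8 accept `-e <script>` and provide a global print(), so one check serves both builds. The js path comes from the mozconfig above; out/x64.release/d8 is assumed to be where tools/dev/gm.py x64.release places d8.

```shell
#!/bin/sh
# Added example: smoke-test a freshly built JS shell (js or d8).
# Known locations from the two recipes in this README:
#   firefox-91.0/obj/release/dist/bin/js   (from the mozconfig's MOZ_OBJDIR)
#   v8/out/x64.release/d8                  (assumed default output of gm.py x64.release)

# smoke_test_shell BIN: run a tiny script in BIN and check what it prints.
# Returns 0 when BIN prints the expected value, 1 otherwise.
smoke_test_shell() {
    bin="$1"
    if [ ! -x "$bin" ]; then
        echo "smoke test: $bin is missing or not executable" >&2
        return 1
    fi
    # A computed value, not a literal, so a shell that merely echoes its
    # input does not pass by accident.
    got="$("$bin" -e 'print(6*7)' 2>/dev/null)"
    if [ "$got" = "42" ]; then
        echo "smoke test: $bin OK"
        return 0
    fi
    echo "smoke test: $bin printed '$got', expected 42" >&2
    return 1
}

# smoke_test_all PATH...: test every given shell, return 1 if any fails.
smoke_test_all() {
    status=0
    for shell in "$@"; do
        smoke_test_shell "$shell" || status=1
    done
    return "$status"
}

# Usage: sh smoke.sh firefox-91.0/obj/release/dist/bin/js v8/out/x64.release/d8
if [ "$#" -gt 0 ]; then
    smoke_test_all "$@"
fi
```

Pass the paths of the shells you built; the script exits non-zero if any of them fails to run the script or prints something other than 42.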