Need help with blazefox?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

135 Stars 51 Forks MIT License 32 Commits 0 Opened issues


Blazefox exploits for Windows 10 RS5 64-bit.

Services available


Need anything else?

Contributors list

Blazefox exploits for Windows 10 RS5 64-bit

This the repository associated with the article Introduction to SpiderMonkey exploitation.


is an exploitation challenge written by itszn for Blaze CTF 2018. The author added a
method to JavaScript Arrays that sets the size of the backing buffer to 420. This gives the attacker an out-of-bounds memory primitive.



  • Three exploits are documented and available in exploits,
  • A WindDbg JavaScript extension that allows to dump
    objects in sm,
  • Various scripts built during the research in scripts,
  • An x64 debug build of the JavaScript shell (along private symbol information) in js-asserts, and an x64 release build in js-release,
  • The sources matching js-release private symbol information in src/js,
  • Last but not least, 7z archives of the Firefox binaries (along with
    private symbol information) I compiled for Windows 64-bit in ff-bin.7z.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.