Skip Navigation
Research @infosec.pub execveat @infosec.pub

CS:GO: From Zero to 0-day

neodyme.io CS:GO: From Zero to 0-day

We identified three independent remote code execution (RCE) vulnerabilities in the popular Counter-Strike: Global Offensive game. Each vulnerability can be triggered when the game client connects to our malicious python CS:GO server. This post details our journey through the CS:GO binary and conduct...

CS:GO: From Zero to 0-day

They've chained 4 logic bugs to achieve RCE in CS:GO, pretty impressive. Valve sucks at communication and bug bounty payouts though.

0
0 comments