I really appreciate the work of the Broadcom exploit by P0 (cool that Halvar gets a shoutout)!

Constructive observation:

I wish people writing exploit-reports would start with the reveal or outcome and *then* show how they got there.

Too often the author takes the reader on the full journey from the start. The problem is that the author already has end-result context but the reader does not.

The reader, at the end, is forced to re-parse earlier elements when they get the final context.


@Mudge Back when I was in the MSRC I always appreciated the vuln reports we got from ZDI. They'd start with the end result 'double free in IE 7 results in privilege escalation', then give more detail around the 'why', then you'd get the dump at the end that my V&M team could use to repro. Should be an industry standard format

