The first thing I wanted to try and reverse was the ROMP module. It is one of the two modules that me_cleaner doesn’t remove, and given how small it is (less than 1KB of code+data), I thought it would be a good starting point. Turns out my hunch was right, as I finished reverse engineering that module after only a couple of days.
In that small bit of code, I have already found one bug in their implementation. I doubt that particular bug instance is exploitable as-is, but it’s a good indicator that their code is probably going to be full of bugs and it won’t be long before we find an exploitable one.
I used to be a Puri.sm skeptic, but I am very appreciative of their efforts on this front.
Nice find, this is very interesting.
Teaser quote: