OCamlot
Feed
Users
Log in/Register
For fun, I slapped Project Zero's [CVE-2023-33107 writeup](https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-33107.html) and Github Security's [CVE-2020-11239 proof-of-concept](https://github.blog/security/vulnerability-research/one-day-short-of-a-full-chain-part-1-android-kernel-arbitrary-code-execution/#conclusion) into an LLM, then asked it to write me a CVE-2023-33107 exploit. The generated code actually built and ran, but I realized I have no idea what it does, or what I need to do to get root out of it. ... so what's the point of Vibe Coding if I have to learn everything myself anyways to use the LLM-generated program? https://aistudio.google.com/app/prompts?state=%7B%22ids%22:%5B%221039BJy9BS9hmZmzaJJFnRMWwE_2-tYs3%22%5D,%22action%22:%22open%22,%22userId%22:%22109057549338745886584%22,%22resourceKeys%22:%7B%7D%7D&usp=sharing
Posted on 31st of May 2025
Reply
Zhuowei Zhangzhuowei@notnow.dev
Zhuowei Zhang's profile picture