xmzyshypnc
@xmzyshypnc1Pwner@天枢Dubhe/BlackHat/Defcon Speaker/ BUPT/Security Researcher/browser/Linux kernel
Similar User
@1chig0_sec
@Pwnrin
@p1umer
@P4nda20371774
@q1iqF
@QiuhaoLi
@Jioun_dai
@0xmuhe
@r3tr0spect2019
@yuebinsun2020
@ret2happy
In this post I'll use CVE-2024-3833, a type confusion in v8 to gain remote code execution in the Chrome renderer sandbox: github.blog/2024-06-26-att…
No days like 0days! Recently we've been speaking at conferences about the logic bugs we've been using at the Pwn2Own contests against Samsung and Xiaomi phones for a very long time. Our @offensive_con slides are up now: github.com/interruptlabs/…
Last year when we were in Singapore, we wanted to buy some stickers for our friends, the staff said there was no souvenir shop here, only in BlackHat USA. I said I hope to have the opportunity to see you again in the United States, and now is the time. #BHUSA @BlackHatEvents
Luck enough that our submission was accepted by Black Hat USA 2024 last week. We (@p1umer @xmzyshypnc1 @q1iqF) will share our bug hunting trip in WASM of Modern Browsers. [⛳️] Unlocked BlackHat Asia/USA/Europe and DEFCON during one year finally. #BHUSA @BlackHatEvents
That’s our second trip to Blackhat. Thanks Jen Hughes and BH team for their assistant. After the event, we saw Opera in the theater, which is amazing. Hope to get to London next year.
Had a good time at Blackhat Europe 2023. The release version of our slide is available now: i.blackhat.com/EU-23/Presenta… Hope you like it. Thanks to everyone who helped with this talk!!🥳🥳
Really want to get a machine that powerful enough to run all my ql queries quickly. :(
So lucky that our talk(with @xmzyshypnc1) was accepted by the Black Hat Europe. Hope everything goes smoothly, and I also hope to be able to in-person attend the conference in London😀. #BHEU @BlackHatEvents
“Dirty Pagetable: A Novel Exploitation Technique To Rule Linux Kernel” yanglingxi1993.github.io/dirty_pagetabl… We succeeded in exploiting CVE-2023-21400 on Google pixel 7 with Dirty Pagetable. And we also pushed the exploitation of file UAF and pid UAF to the next level with Dirty Pagetable!
Fake poc ! This is a bug found by me. Here is a fishing repo which has fake poc. Don't compile and run that on your machine ! github.com/ChriSanders22/…
Very glad that our submission has been accepted by Defcon @P4nda20371774 @Atuml1 ! Btw, is there anyone know who help with the visa in defcon? Cause we urgently need an invitation letter for visa request. @defcon #defcon31 #Defcon
Found a UAF bug in virtualbox, It won’t get a CVE for it cannot be exploited directly. But finding bug in new target is a good start for me.
So excited to attend BlackHat Asia with @p1umer @cook1e0305 and @q1iqF It’s my first time to share the research in BH with my teammates. Besides, we met with @chompie1337 @thatjiaozi @scannell_simon Their prensentation is so brilliant. Hope to see you again in BH #BHASIA
🤣
Another impressed talk about WASM fuzzing by @chiachih_wu and his teammates. if the fuzzer part can provide more details, it would be great, it is still highly recommended. Well done #bhasia 2023
pro!
Unexpected joy. But I wonder why Apple did not deal with this vulnerability instantly, but added this vulnerability information abount two months after the release of the security update of safari 15.6 🧐 #CVE-2022-32863 support.apple.com/en-us/HT213341
Find linux kernel bug costs 1 day, and figuring out the patch costs 1 week and even longer.🤐
Very excited to find this interesting vulnerability in WK🤩 Thanks to my companions for their help! @afang5472 @xmzyshypnc1 #CVE-2022-32886
Type confusion when using simple api call accessors with SuperIC crbug.com/1308360
The More You Know, The More You Know You Don’t Know googleprojectzero.blogspot.com/2022/04/the-mo…
A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution googleprojectzero.blogspot.com/2021/12/a-deep…
United States Trends
- 1. #FridayVibes 6.459 posts
- 2. $MAD 5.515 posts
- 3. Good Friday 62,7 B posts
- 4. Mike Rogers 129 B posts
- 5. CONGRATULATIONS JIMIN 299 B posts
- 6. #FridayMotivation 10,8 B posts
- 7. Pam Bondi 315 B posts
- 8. Jason Kelce 1.487 posts
- 9. Happy Friyay 2.613 posts
- 10. #FridayFeeling 3.361 posts
- 11. #KashOnly 68,8 B posts
- 12. McCabe 23,8 B posts
- 13. Finally Friday 3.267 posts
- 14. Chris Brown 30,1 B posts
- 15. Randle 7.342 posts
- 16. #FursuitFriday 12,6 B posts
- 17. Jameis 70 B posts
- 18. Kang 36,2 B posts
- 19. Donny Dough N/A
- 20. Mnet 409 B posts
Something went wrong.
Something went wrong.