Olivia
Online
fluoroacetate
@fluoroacetate
Joined October 2018
0 Following
4.2K Followers
25 Posts
That's a wrap! #Pwn2Own 2020 officially comes to a close. We're happy to award the @fluoroacetate duo the title of Master of Pwn. It was a close event, but their 9 points (& $90K) was just ahead of the team from @SSLab_Gatech. Congrats to all the contestants.
Confirmed! The @fluoroacetate duo used a pair of UAFs - one in #Adobe and one in the #Windows kernel to take over the target system. They earn themselves $50,000 and 5 more points towards Master of Pwn. #Pwn2Own
Confirmed! The @fluoroacetate duo leveraged a UAF in #Windows to escalate to Administrator. Their first attempt in repeating as Master of Pwn earns them $40,000 and 4 Master of Pwn points. More to come tomorrow. #Pwn2Own
That brings #Pwn2Own Tokyo 2019 to a close. Congrats to @fluoroacetate on successfully defending their Master of Pwn title. In two days, they racked up $195,000 for their research. Congrats!
Who to follow
acez
@amatcama
AI Extension
TrendAI Zero Day Initiative 
@thezdi
TrendAI Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
Project Zero Bugs
@ProjectZeroBugs
A bot that posts the latest blog posts and disclosures from Google's Project Zero
Success! The prolific @fluoroacetate duo was able to get a shell on the router. They're headed back to the disclosure room to provide all the details. #P2OTokyo
Success! The @fluoroacetate duo got the #Samsung Galaxy S10 to connect to their rogue base station and then pushed a file to the phone. Third year in a row. Off to the disclosure room to get all the details.
Confirmed! The @fluoroacetate duo used a bug in JavaScript JIT followed by a UAF to escape the sandbox to grab a pic off a #Samsung Galaxy S10 via NFC. Their final entry for Day One earns them $30,000 and 3 Master of Pwn points. #P2OTokyo
Confirmed! The @fluoroacetate duo used a JavaScript bug that jumped the stack to exfiltrate a picture from the #Xiaomi Mi9. They earned $20,000 USD and 2 Master of Pwn points. The full write-up on this one should prove fascinating.
Success! It took two attempts, but the @fluoroacetate duo were able to demonstrate their exploit of the #Samsung Q60 television. They're heading back up to the disclosure room to dish the details.
Success! The @fluoroacetate duo successfully demonstrated their exploit against the #Amazon #Echo Show. They're back to the disclosure room to confirm and provide the details. #P2OTokyo
Confirmed! The @fluoroacetate duo used a Javascript OOB Read bug to exploit the built-in browser to get a bind shell from the #Sony TV. They earned $15K and 2 Master of Pwn points to start the contest off with a bang. #P2OTokyo
That's a wrap! Congrats to @fluoroacetate on winning Master of Pwn. There total was $375,000 (plus a vehicle) for the week. Superb work from this great duo.
Confirmed! The @fluoroacitate duo used a JIT bug in the renderer to win $35,000 and a Model 3. What a great way to kick off the automotive category of #Pwn2Own.
The @fluoroacetate duo does it again. They used a type confusion in #Edge, a race condition in the kernel, then an out-of-bounds write in #VMware to go from a browser in a virtual client to executing code on the host OS. They earn $130K plus 13 Master of Pwn points.
Wow. Just wow. Starting from a web browser within a virtual client and ending with code execution on the host OS. Now off to the disclosure room for all the details.
Confirmed! The duo from @fluoroacetate used a JIT bug in #Firefox and an out-of-bounds write in the #Windows kernel to earn themselves $50,000 and 5 more Master of Pwn points.
Confirmed! @fluoroacetate leveraged a race condition leading to an out-of-bounds write to escalate from a #VMware client to execute code on the host OS. The effort brings them another $70,000 and 7 more Master of Pwn points. Their Day 1 total is $160,000 USD.
Confirmed! The @fluoroacetate team used an integer underflow and a race condition to escape the virtual machine and pop calc on the underlying OS. They earned another $35,000 and 3 points towards Master on Pwn.
Confirmed! The team of @fluoroacetate used an integer overflow in JIT and a heap overflow to escape the sandbox. The successful #Safari exploit chain earned them $55,000 and 5 Master of Pwn points.
That brings to an end #Pwn2Own Tokyo 2018! Congrats to team @fluoroacetate on earning 45 points and being crowned Master of Pwn! #P2OTokyo
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.7M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers