Rick de Jager

DragonSec SI @DragonSec_SI

2 months ago

rdjgr's tweet photo. https://t.co/xdYAUePwis

0

29

0

2

2K

rdjgr retweeted

3 months ago

Meet our #DCTF26 speaker Rick de Jager (@rdjgr )! He will present "𝐙𝐞𝐫𝐨 𝐭𝐨 𝐑𝐂𝐄 𝐢𝐧 𝐚 𝐖𝐞𝐞𝐤𝐞𝐧𝐝: 𝐅𝐮𝐳𝐳𝐢𝐧𝐠 𝐎𝐥𝐝 𝐆𝐚𝐦𝐞𝐬 𝐟𝐨𝐫 𝐌𝐞𝐦𝐨𝐫𝐲 𝐂𝐨𝐫𝐫𝐮𝐩𝐭𝐢𝐨𝐧." Mid-2000s videogames are a great target for finding RCE exploits. In this talk we'll pick a classic 2000's game, go over the process of fuzzing the game's server with a very fancy snapshot fuzzer, and fuzzing the client with the dumbest possible bit-flipper I could write in an hour. Both of these approaches lead to bugs that we'll exploit for remote code execution. Free registration: https://t.co/FE1JBJadlQ

DragonSec_SI's tweet photo. Meet our #DCTF26 speaker Rick de Jager (@rdjgr )! He will present "𝐙𝐞𝐫𝐨 𝐭𝐨 𝐑𝐂𝐄 𝐢𝐧 𝐚 𝐖𝐞𝐞𝐤𝐞𝐧𝐝: 𝐅𝐮𝐳𝐳𝐢𝐧𝐠 𝐎𝐥𝐝 𝐆𝐚𝐦𝐞𝐬 𝐟𝐨𝐫 𝐌𝐞𝐦𝐨𝐫𝐲 𝐂𝐨𝐫𝐫𝐮𝐩𝐭𝐢𝐨𝐧."

Mid-2000s videogames are a great target for finding RCE exploits. In this talk we'll pick a classic 2000's game, go over the process of fuzzing the game's server with a very fancy snapshot fuzzer, and fuzzing the client with the dumbest possible bit-flipper I could write in an hour. Both of these approaches lead to bugs that we'll exploit for remote code execution.

Free registration: https://t.co/FE1JBJadlQ

0

112

7

33

6K

rdjgr retweeted

Manfred Paul @_manfp

3 months ago

@LiveOverflow @_mixy1 If FIFA allowed robot players, and 99% of accomplished soccer players said "we hate this, this ruins our sport", would we all go "this is just what the the word 'soccer' means now"? The community gets some say in what the word "CTF" means. And nearly noone there enjoys AI v. AI.

2

120

16

6

16K

Who to follow

Crusaders of Rust

@cor_ctf

A European and American Security Research Group

Flashback Team

@FlashbackPwn

Hacking team (@pedrib1337 + @RabbitPro), winners of Pwn2Own Tokyo 2020. We hack stuff and make videos: https://t.co/lqSIfETowB

Ido Veltzman

@Idov31

I'm a security researcher who uses this platform to share my projects and research. Opinions are my own. https://t.co/UiWgKq40sV

rdjgr retweeted

RollerCoaster Tycoon @OfficialRCT

4 months ago

@rdjgr @DistrictCon Can confirm we have never seen RCT played like that before!

0

26

1

0

1K

4 months ago

Some stuff that we ended up scrapping for time: - We were initially going to run the slides in RCT. We actually had working code for this, but dropped it in favor of the Doom demo. - The fuzzer actually had a screenshot mode to generate a timelapse of all the maps it's generating

6

55

4

9

7K

4 months ago

May I present to you; a full copy of doom, running inside of a Rollercoaster Tycoon 1 save game exploit ✨ Thanks for everyone that came to check out our @DistrictCon Junkyard talk! We had a lot of fun putting it together. (check the thread for slides / exploit)

66

8K

704

1K

301K

4 months ago

We (@arctic0x78 and I) ended up winning best meme target for this! Many thanks to the Junkyard crew for running the competition. It's such a cool concept and I really enjoyed all the unhinged exploits people came up with!

rdjgr's tweet photo. We (@arctic0x78 and I) ended up winning best meme target for this!
Many thanks to the Junkyard crew for running the competition. It's such a cool concept and I really enjoyed all the unhinged exploits people came up with! https://t.co/dAHekUFAUI

1

43

3

1

9K

rdjgr retweeted

4 months ago

Collision! PHP Hooligans / @midnightbluelab targeted the Autel MaxiCharger AC Elite Home 40A with the Charging Connector Protocol/Signal Manipulation add-on, hitting a full collision on a two-bug chain, earning $20,000 USD and 3 Master of Pwn points. #Pwn2Own #P2OAuto

0

27

4

8K

International Cybersecurity Challenge TOKYO 2025 @icctokyo2025

5 months ago

@bl4sty Any time boss 🫡, just don't tell @vectors2final

0

2

0

239

rdjgr retweeted

7 months ago

We are announcing the results of ICC TOKYO 2025! The overall rankings are: 1st place - TEAM EUROPE, 2nd place - TEAM ASIA, and 3rd place - US CYBER TEAM! The winner of Jeopardy was TEAM EUROPE, and the winner of A&D was EUROPE! #icctokyo2025

icctokyo2025's tweet photo. We are announcing the results of ICC TOKYO 2025!
The overall rankings are: 1st place - TEAM EUROPE, 2nd place - TEAM ASIA, and 3rd place - US CYBER TEAM!
The winner of Jeopardy was TEAM EUROPE, and the winner of A&D was EUROPE! #icctokyo2025 https://t.co/jzpf2FKxSd

1

33

5

0

3K

rdjgr retweeted

7 months ago

We have another collision. The PHP Hooligans did exploit the QNAP TS-453E, but the bug they used was previously seen in the contest. They still earn $10,000 and 2 Master of Pwn points. #Pwn2Own

thezdi's tweet photo. We have another collision. The PHP Hooligans did exploit the QNAP TS-453E, but the bug they used was previously seen in the contest. They still earn $10,000 and 2 Master of Pwn points. #Pwn2Own https://t.co/5D4atiEK0y

0

20

4

1

4K

rdjgr retweeted

7 months ago

We have another collision. The PHP Hooligans used a buffer overflow to exploit the Phillips Hue Bridge, but the bug had been previously seen in the contest. They still earn $10,000 and 2 Master of Pwn points. #Pwn2Own

thezdi's tweet photo. We have another collision. The PHP Hooligans used a buffer overflow to exploit the Phillips Hue Bridge, but the bug had been previously seen in the contest. They still earn $10,000 and 2 Master of Pwn points. #Pwn2Own https://t.co/eHoDwhS2sa

0

15

1

2

4K

rdjgr retweeted

7 months ago

Confirmed! The PHP Hooligans used an OOB Write bug to exploit the Canon imageCLASS MF654Cdw printer. Their fifth round win earns them $10,000 and 2 Master of Pwn points. #Pwn2Own

thezdi's tweet photo. Confirmed! The PHP Hooligans used an OOB Write bug to exploit the Canon imageCLASS MF654Cdw printer. Their fifth round win earns them $10,000 and 2 Master of Pwn points. #Pwn2Own https://t.co/kCzXwlzzqK

0

34

2

4K