ttt

@tchght

Joined December 2020

309 Following

278 Followers

121 Posts

9 months ago

@buptsb @dec_eax @NullSecurityX <vibe blog>

0

4

0

0

259

tchght retweeted

j j @mistymntncop

10 months ago

Exploit and mini writeup for CVE-2025-5419. https://t.co/6XvoVSuii5

8

274

61

129

29K

11 months ago

@xvonfers hey guy, why I can't find CL? something wrong?

1

1

0

0

330

over 1 year ago

@jopraveen18 I spent a little time to try the chal this weekend, but I got the time wrong, when I try to exp remote, I found the game is end lol. And the another fact is that my cve-2024-0517 exp use another heap spray method, It's stupid so I waste time lol.

1

5

0

0

229

over 1 year ago

@S1r1u5_ Seems you should use `arr3[15]` to crack some JSArray obj's elememts ptr, we can call it `foo_arr1`, just declare a `foo_arr2` after `foo_arr1`, and then debug to find the offset, just like use `arr3[20]` or something else, implement the `heap_write2` to continue your code

1

1

0

0

118

over 1 year ago

@mistymntncop @S1r1u5_ LOL, in fact, I met the same problem a few days ago, so I'm quite sensitive. Anyway, under the strong sandbox of v8, we need more times write in caged than before.

0

2

0

0

136

over 1 year ago

@S1r1u5_ I mean use `arr[15]` 13 times in your poc

1

0

0

0

133

over 1 year ago

@S1r1u5_ If failed after 13 times, it's about IC, use another index will avoid.

2

5

0

0

371

over 1 year ago

@BaoshengbinCumt @Choko1eto exp primitive is similar all the world, curious about which app😱

1

0

0

0

227

over 1 year ago

@BaoshengbinCumt 持续跟踪 × 等你更新 √

0

1

0

0

224

over 1 year ago

@mistymntncop @xvonfers even typo "OOB" , i don't know what to say...

1

4

0

0

282

almost 2 years ago

Nice work, I am a printer now

tchght's tweet photo. Nice work, I am a printer now https://t.co/XaTixT9cOe

Simone Margaritelli

almost 2 years ago

Attacking UNIX Systems via CUPS, Part I https://t.co/T6SqraB5nh

174

4K

1K

2K

1M

0

0

0

0

3K

tchght retweeted

Jack Ren @bjrjk

almost 2 years ago

Released a slides for CVE-2022-4262! https://t.co/6Ubqyg2ocA

2

43

22

12

4K

tchght retweeted

Man Yue Mo @mmolgtm

almost 2 years ago

In this post I'll use CVE-2024-5830, a bug in object transitions in Chrome to gain RCE in the Chrome renderer sandbox: https://t.co/HT4cLMMA1q

2

266

76

88

48K

tchght retweeted

almost 2 years ago

Also look at https://t.co/9udvU5brsy, a variant-of-a-variant bug that I've exploited on v8CTF :)

2

61

8

27

12K

almost 2 years ago

@udunadan after 1 year, you will find you will stuck in v8 sandbox ,even not browser sandbox.

0

0

0

0

151

almost 2 years ago

@5n1p3r0010 https://t.co/4EZJqMknbP

1

0

0

0

89

almost 2 years ago

@zh1x1an1221 @limeSec_ u 2

0

0

0

0

105

almost 2 years ago

@sheep1028_0818 计科=人工智能，网安=密码学/人工智能，网安好考所以你会发现全周围全是来混学历的但是没有和你同行的人

1

5

0

1

842

tchght retweeted

zhiniang peng @edwardzpeng

almost 2 years ago

Here is our slides for Zer0con 2024, Escaping the Sandbox (Chrome and Adobe Pdf Reader) on Windows https://t.co/He6mNe9WTu

edwardzpeng's tweet photo. Here is our slides for Zer0con 2024, Escaping the Sandbox (Chrome and Adobe Pdf Reader) on Windows https://t.co/He6mNe9WTu https://t.co/fgotlAlT2v

1

363

111

145

29K

Last Seen Users on Sotwe

Trends for you

Most Popular Users