🔥Telegram İfşa

starlabs is organising Off-By-One Conference again on 8th May 2025. My team members are revamping several things including the website & adding new activities that are rare in SG conferences. Most likely it will be done after my holidays. Hope to see more submissions this year.

🎄 All I Want for Christmas is a CVE-2024-30085 Exploit 🎄 As always, we at starlabs are sharing what we learnt. This time, it's brought to you by Cherie-Anne Lee starlabs.sg/blog/2024/all-…

Think you’ve got what it takes to pop shells and snag your ticket to... RE//verse and Off-By-One Conference ? 😏 github.com/star-sg/challe…

Get ready for an all-new challenge—a 🏃‍♂️Speed Run CTF, exclusively for Off-By-One Conference attendees! Think fast, hack smart & claim your spot at the top! Watch this space! Huge shoutout to our organizing team: Riatre ptr-yudai spaceraccoon | Eugene Lim Jiantao Li #OBO2025 #CTF

STAR Labs is a Bronze Sponsor of RE//verse! Based in Singapore, they help organizations strengthen their security against evolving cyber threats. Learn more: starlabs.sg

STAR Labs Windows Exploitation Challenge Writeup We're happy to announce that Frost solved our recent Windows exploitation challenge & earned a ticket to Off-By-One Conference ! 🎉 Full writeup here: starlabs.sg/blog/2025/03-s… Thank you to everyone who participated!

出事啦 Next.js 加一個 request header 就可以繞過 middleware 不執行😅

CimFS: Crashing in memory, Finding SYSTEM! chiefpie dug into Microsoft CimFS, found a sneaky 0-day, and guess what? The fix by Microsoft was just locking the door 🔐on unprivileged users. 😂 Dive into the adventure with us: starlabs.sg/blog/2025/03-c…

Just hosted a casual speedrun CTF with Riatre and Jiantao Li at Off-By-One Conference, organized by starlabs! Congrats to Zafirr for taking first place!

A big 🏆 win for Off-By-One Conference 2025 first ever Speed Run CTP Challenge - zafirr!! ⚡ zafirr takes home the grand prize of SGD512, sponsored by starlabs We hoped everyone had fun participating and immersing themselves in this historical challenge!

Just dropped a blog post on a fun bug that our (former since it's reported long long time ago) intern, Devesh Logendran found in Visual Studio Code <= 1.89+ We hope you will have fun reading it. starlabs.sg/blog/2025/05-b…

Confirmed! Chen Le Qi (chiefpie) of STARLabs SG combined a UAF and an integer overflow to escalate to SYSTEM on #Windows 11. He earns $30,000 and 3 Master of Pwn points. #Pwn2Own #P2OBerlin

Nicely done! Billy (Billy) and Ramdhan (Ramdhan) of STAR Labs used a UAF to perform their Docker Desktop escape and execute code on the underlying OS. They earn $60,000 and 6 Master of Pwn Points.

Outstanding! Nguyen Hoang Thach (Thach Nguyen Hoang 🇻🇳) of STARLabs SG used a single integer overflow to exploit #VMware ESXi - a first in #Pwn2Own history. He earns $150,000 and 15 Master of Pwn points. #P2OBerlin

Confirmed!! Dung and Nguyen (Mochi Nishimiya) of STARLabs used a TOCTOU race condition to escape the VM and an Improper Validation of Array Index for the Windows privilege escalation. They earn $70,000 and 9 Master of Pwn points. #Pwn2Own

Big shoutout to Thach Nguyen Hoang 🇻🇳 & Gerrard Tai for flying over & represent us To our 1st-timers Gerrard chiefpie Mochi Nishimiya for the awesome work To Ramdhan & Billy for guiding the next gen & piers Bruce Chen who are part of it Lets continue trying #Pwn2Own

"Why is my exploit taking 10 minutes?" *checks logs* *sees 10,000 kernel warnings* "...oh" 💡 Fresh Friday night read: our intern, Tan Ze Jian, on Mali exploitation - sometimes the fix is simpler than you think! starlabs.sg/blog/2025/05-g…

After 6 months of responsible disclosure, proud to announce our team discovered 13 (mostly exploitable) vulnerabilities in Samsung Exynos processors! Kudos to Billy, Ramdhan, [email protected] & rainbowpigeon CVE-2025-23095 to CVE-2025-23107 📍 semiconductor.samsung.com/support/qualit…

When life gives you tangerines🍊 Intern Lin Ze Wei's task: Port a 2-bug exploit to Pixel 6 Pro Problem: One bug "doesn't work" Solution: Make it work with 1 bug Sometimes the best research comes from working with what you think you have starlabs.sg/blog/2025/06-s…

🎉 Last weekend we participated in bi0sCTF 2025 as r3kapig and secured first place! 🥇 Huge thanks to teambi0s for organizing such an amazing competition! 🙏 Congratulations to Project Sekai CTF for second place 🥈 and thehackerscrew for third place 🥉