By design😂

Here's my blog post about CVE-2024-26230. I aim not only to introduce the exploit stage but also hope to share my thoughts on how I completed the exploitation step-by-step in all my posts from now on. whereisk0shl.top/post/a-trick-t…

Hat tip to the researcher who reported such a huge impact bug with good faith to the vendor instead of leveraging it to do evil things, to me it seems unfair to reject bounty and blame the researcher

Excited to be #1 this quarter. The first MSRC leaderboard since I became an independent security researcher and seems to be a good start. Thanks to everyone in MSRC & bounty team for helping as always :-)

GEEKCON 2024 International is just one month away! We're thrilled to unveil the official schedule and topics! Dive deep into over 30 technical programs, join 40+ white-hat hacker teams, and mark your calendars for May 25th & 26th in Singapore! 👏Huge thanks to our ommitte,

Reported a bug - fixed. Then bypassed the patch with excatly the same senario - won't fix. Yet another peace day with MS security engineering team😂

Congrats :-)

Congrats, suprised that MSMQ still has pre-auth RCE

Sad but this is the average quality of MS security engineering/analysis team nowadays. As a bug hunter who worked with them for 10+ years, I'm always wondering what happened inside the department that could cause the quality dropped so much in just a few years ?

If you remembered "Preauth attack senario" instead of "Windows remote access service" after reading the slides, you've probably got what I really want to share in this talk, and wish everyone can get your own big bounty :-)

Our new blog post, "Exploiting Steam: Usual and Unusual Ways in the CEF Framework" Usual way: V8 + sandbox exploit for CEF Unusual way: Pure logical bug chain with 100% stability! darknavy.org/blog/exploitin…

The only constant in their security assessments is inconsistency now adays😂

Achieved #1 this quarter, thanks!

But this was the most challeagning quarter due to the difficulty in cooperating with MS security, with so many incorrect assessments/dups/excuses. I really suggest MSRC leaders to hear some voice DIRECTLY (not questionaires via email) from the top reseachers on the leader board.

Congrats!

Awsome, looking forward 👀

Congrats!🥳🥳

Amazing!

Will discuss some examples/experiences/tips for looking for pre-auth RCE bugs in Windows compontents and reporting them to WIP bug bounty program. See you at #TheSAS2024