Writeups and PoCs of the bugs I found while preparing for the Pwn2Own Miami 2023 contest targeting UaGateway from the OPC UA Server category.
Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64; it was demonstrated successfully on stage during the Pwn2Own Miami 2022 competition.
MIami Multi Track tools in Python (or MIami Modelling Tools)
A Pwn2Own exploit chain
Pwn2Own Vancouver 2023 Ubuntu LPE exploit
PoC for CVE-2021-3492 used at Pwn2Own 2021
Advanced exploits that I wrote for Pwn2Own competitions and other occasions
Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018
Zenith exploits a memory corruption vulnerability in the NetUSB driver to get remote-code execution on the TP-Link Archer C7 V5 router for Pwn2Own Austin 2021.