Gabriel Prostitis

20 posts

Gabriel Prostitis

@___prosti

CTF player for @TheRomanXpl0it and @towerofhanoi student at @polimi

Italy Katılım Temmuz 2025

141 Takip Edilen296 Takipçiler

Sabitlenmiş Tweet

Gabriel Prostitis@___prosti·8 Ara

stop using ubuntu 24.04 to host your kernel pwn challenges lmao kqx.io/post/qemu-nday/

English

568

70K

Gabriel Prostitis retweetledi

kqx@kqx_io·12h

"Claude find a 0day, make no mistakes" CVE-2026-4447 chromereleases.googleblog.com/2026/03/stable…

English

409

54.8K

Gabriel Prostitis@___prosti·8 Mar

leave absolutely cooked with this one! Unfortunately I wasn't able to play DiceCTF this year but the kernel pwn challenge was pretty cool.

kqx@kqx_io

played DiceCTF quals and managed to blood the kernel pwn challenge and won the $150 bounty! check out the writeup: kqx.io/writeups/corne…

English

Gabriel Prostitis retweetledi

kqx@kqx_io·2 Mar

Exploiting latest v8ctf instance with a 0day? ✅ Beating try-hards who stalk commits and exploit it as an N-day? ❌ In any case keep an eye out for the CVE release and stay tuned for a crazy post on kqx.io once the issue goes public

English

5.6K

Gabriel Prostitis retweetledi

kqx@kqx_io·20 Şub

A little bonus while we're working on other cool stuff :)

English

106

4.1K

Gabriel Prostitis@___prosti·17 Şub

@drivertomtt @FrankOverF1ow congrats!!

English

611

Gabriel Prostitis retweetledi

drivertom@drivertomtt·17 Şub

Hunting Linux kernel 0day with @FrankOverF1ow 5 days, from zero to stable privilege escalation. sha256: 2189d5b196f33d512d8d02c6f00d26f4c10bf79ba1f0ac389d6663e026aebbe8

English

187

15.1K

Gabriel Prostitis@___prosti·14 Şub

@thethiny @__invictus_ Everything is explained in the liked post. Read that and you'll find the answer. In case you missed it kqx.io/post/firefox0d…

English

167

thethiny 🐰🍉@thethiny·14 Şub

@___prosti @__invictus_ Is there a reliable way for a malicious actor to inject custom WASM into the exact memory address this & 1 is supposed to report? That's the only way I can think of this creating an RCE.

English

212

Tim@__invictus_·14 Şub

I don't understand infosec anymore. Someone finds a legit 0day in Firefox and it barely gets any attention. Someone else posts another "RCE" in Firefox (that's not an RCE in Firefox at all) and it gets blasted all over Twitter, with some of the weirdest replies I've ever seen.

kqx@kqx_io

How a single typo led to RCE in Firefox Can you spot the bug? Read now at: kqx.io/post/firefox0d…

English

740

63.4K

Gabriel Prostitis@___prosti·14 Şub

@thethiny @__invictus_ this actually does give RCE. Read the post if you want to know how ;)

English

398

thethiny 🐰🍉@thethiny·14 Şub

@__invictus_ This `& 1` checks if the bit is set. The comment on line 375 is confusing, are they checking if the bit is set or are they setting it? Cuz if they're supposed to set it should be `| 1`. In both cases this does not do any RCE.

English

3.4K

Gabriel Prostitis@___prosti·14 Şub

@__invictus_ Thanks for noticing and for the repost! I saw the other post of a "Firefox RCE" but it's total bs and absolutely not associated with what my teammate found.

English

Gabriel Prostitis retweetledi

kqx@kqx_io·13 Şub

How a single typo led to RCE in Firefox Can you spot the bug? Read now at: kqx.io/post/firefox0d…

English

637

147.2K

Gabriel Prostitis@___prosti·3 Şub

RCE in firefox is crazy!! erge really cooked with this one...

kqx@kqx_io

The fox caught fire??? New blog post very soon at kqx.io 6b2f0f9f754952d956cab1a6922c920664d2636c192db4db614866345369a888

English

102

10.5K

Gabriel Prostitis@___prosti·1 Şub

We decided to create a new account on X to consolidate all information in one place. Follow the account to be updated on the blog! @kqx_io

English

580

Gabriel Prostitis@___prosti·2 Oca

Let's begin the new year with some V8 exploitation! Learn how to turn a broken CanonicalEquality check into arbitrary Wasm type confusion in this ASIS CTF Finals writeup by @Erge! Read it here: kqx.io/writeups/singl…

English

192

8.7K

Gabriel Prostitis retweetledi

leave@_leave07·14 Ara

had fun playing Backdoor CTF 2025, ended up fifth with TRX and first-blooded a kernel pwn challenge. Have a look at the writeup: kqx.io/writeups/vibe_…

English

Gabriel Prostitis retweetledi

leave@_leave07·28 Kas

If you're interested in exploiting JS engines check out what we faced in Romania at DefCamp finals 2025: kqx.io/writeups/inlin…

DefCamp@DefCampRO

It wouldn‘t really be #DefCamp without the #HackingVillage. A huge round of applause for everyone who joined our competitions! Whether you took home a prize or new insights, we hope you had an amazing time!

English

1.5K

Gabriel Prostitis@___prosti·17 Eki

Will you be able to exploit a 13-year-old vulnerability on QEMU'S TCG and become root? kqx.io/attachments/qe… Hit us up in dm if you make progress!

English

1.6K

Gabriel Prostitis retweetledi

leave@_leave07·1 Eyl

had a lot of fun playing corctf this weekend. Ended up at 4th place with TRX and also managed to first-blood the uarch challenge authored by FizzBuzz101. You can find the writeup at kqx.io/writeups/zener…

Crusaders of Rust@cor_ctf

corCTF 2025 has ended! Congrats to the top 5: 1. @FlatNetworkOrg 2. @r3kapig @ProjectSEKAIctf 3. The Amazing Digital Orange 4. @TheRomanXpl0it 5. STM Thank you to all of our players and sponsors! @osec_io, Research Innovations, @ret2systems, @trailofbits, @vector35, @googlecloud

English

Gabriel Prostitis retweetledi

leave@_leave07·22 Ağu

Reviving CVE-2023-0597 with QEMU. Find out more at kqx.io/post/sp0/

English

715

Gabriel Prostitis@___prosti·22 Ağu

Going from IOPL escalation to root. Learn how here: kqx.io/post/fw_cfg/

English

578

Keşfet

@drivertomtt @FrankOverF1ow @thethiny @__invictus_ @kqx_io @erge @elonmusk @BarackObama