cbwang505

59 posts

cbwang505

@cbwang505

Chief Vulnerability Researcher | Windows full-chain exploitation, kernel internals, and COM security | 2024 MSRC MVR Top 100

Katılım Kasım 2019

154 Takip Edilen571 Takipçiler

cbwang505@cbwang505·17 Nis

there is no public poc

English

523

cbwang505 retweetledi

cbwang505@cbwang505·17 Nis

Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability我的CVE-2026-26176致谢链接msrc.microsoft.com/update-guide/e…

English

6.8K

cbwang505@cbwang505·17 Nis

最新泄露公开的满补丁0day已复现,github.com/Nightmare-Ecli…

中文

247

26.3K

cbwang505 retweetledi

Arthur "Gerhart" Khudyaev@gerhart_x·3 Nis

All symbol addresses for winhv.sys driver from Hyper-V VM using powershell

Arthur "Gerhart" Khudyaev@gerhart_x

Got symbol address from Hyper-V VM (Windows 11) using powershell. Dbgshell can do it for host operating system, as I think.

English

8.4K

cbwang505@cbwang505·14 Nis

@kaijieguigui @carmen_cqq 66666

cbwang505 retweetledi

Kaijieguigui@kaijieguigui·14 Nis

Pwned Windows 11, Claude Code, Cursor, and CodeX after a massive all-nighter! 🎯 Pure brainpower, 0 LLMs. Props to @cbwang505 & @carmen_cqq. Heads down, sprinting for the next batch of 0days. 🏃‍♂️💨

English

238

19.6K

cbwang505@cbwang505·14 Nis

@kaijieguigui @carmen_cqq 666

cbwang505@cbwang505·17 Eki

thanks

English

497

cbwang505@cbwang505·15 Eki

debug isolated usermode process on Nested Virtualization guest vm github.com/cbwang505/Secu…

English

8.8K

cbwang505@cbwang505·9 Eki

不需要关闭host和guest的安全启动也不需要修改bcdedit启用内核或者hypervisor调试,调试嵌套虚拟化hyper-v的guest虚拟机中的ium进程vmsp.exe

中文

cbwang505 retweetledi

rthhh@rthhh17·5 Eyl

Unveiling the details of Windows VTL2, despite its absence in the MSDN documentation. 🤔 #hyperv #windows #virtualization howknows.github.io/roooot.github.…

English

16.5K

cbwang505@cbwang505·14 Ağu

@cplearns2h4ck I use apc usermode api to get system shell test on win11 24h2 wip

English

490

chiefpie@cplearns2h4ck·13 Ağu

Some of my bugs are patched in this month's patch tuesday, including the ones I used for Pwn2Own Berlin 2025. CVE-2025-50167 Race UAF in Hyper-V

English

383

24.2K

cbwang505@cbwang505·14 Ağu

@cplearns2h4ck @GabrielLandau 我是cbwang505,请问能不能留个联系方式交流下hyper-v漏洞

中文

278

chiefpie@cplearns2h4ck·12 Mar

CVE-2025-24050 seems like another case of False File Immutability bug mentioned by @GabrielLandau Host file over SMB to bypass exclusive access -> Return smaller OffsetTableSize when .rct file is read over SMB -> OOB read when parsing OffsetTable

cbwang505@cbwang505

Hyper-v虚拟磁盘驱动vhdmp.sys漏洞汇总分析 bbs.kanxue.com/thread-285976.… [CVE-2025-24048致谢](msrc.microsoft.com/update-guide/e…) [CVE-2025-24050致谢](msrc.microsoft.com/update-guide/e…)

English

2.6K

cbwang505@cbwang505·12 Mar

Hyper-V拒绝服务漏洞CVE-2024-43633 youtu.be/vxDLX6ln6sw?si… 来自 @YouTube

YouTube

中文

898

cbwang505@cbwang505·12 Mar

Hyper-v漏洞CVE-2025-24050演示视频 youtu.be/UX_pSwER_94?si… 来自 @YouTube

YouTube

中文

747

cbwang505@cbwang505·12 Mar

Hyper-v漏洞CVE-2025-24048演示视频 youtu.be/ZNwL65GRuvU?si… 来自 @YouTube

YouTube

中文

693

cbwang505@cbwang505·12 Mar

中文

6.4K

cbwang505@cbwang505·6 Mar

Smb Quic Replay Tool is an tool for Replay SMB protocol over QUIC support Windows 11 , with test for vhdx file container for implement local bind file store backend on the same computer host both client and server network transport. github.com/cbwang505/SmbQ…

English

659

cbwang505@cbwang505·6 Mar

# SmbQuicReplayTool # Smb Quic Replay Tool is an tool for Replay SMB protocol over QUIC support Windows 11 , with test for vhdx file container for implement local bind file store backend on the same computer host both client and server network transport

English

575

Keşfet

@kaijieguigui @carmen_cqq @cplearns2h4ck @GabrielLandau @YouTube @elonmusk @BarackObama @taylorswift13