Crusaders of Rust

113 posts

Crusaders of Rust

@cor_ctf

A European and American Security Research Group

Katılım Şubat 2021

39 Takip Edilen2.7K Takipçiler

Crusaders of Rust@cor_ctf·3d

Awesome research from @ryaagard 👀

OtterSec@osec_io

We achieved a guest-to-host escape by exploiting a QEMU 0-day where the bytes written out of bounds were uncontrolled. Full breakdown of the technique, glibc allocator behavior, and our heap spray/RIP-control primitive ↓

English

2.4K

Crusaders of Rust retweetledi

kqx@kqx_io·8 Mar

played DiceCTF quals and managed to blood the kernel pwn challenge and won the $150 bounty! check out the writeup: kqx.io/writeups/corne…

English

185

10.2K

Crusaders of Rust retweetledi

chompie@chompie1337·24 Kas

Watch XOR’s talk CUDA de Grâce: Owning AI Cloud Infrastructure with GPU exploits Kernel + driver bugs aren’t just a LPE problem, they’re a cloud problem. With the explosion of AI in the cloud, NVIDIA’s GPU drivers have become a valuable attack surface youtu.be/Lvz2_ZHj3lo

YouTube

English

296

50.6K

Crusaders of Rust retweetledi

Pumpkin 🎃@u1f383·25 Kas

My HEXACON talk video is out! It covers a small race condition in the Linux kernel’s io_uring. I recommend watching it at 1.25× speed since I’m still not great at speaking 😅 youtube.com/watch?v=Ry4eOg… Here is the slide! u1f383.github.io/slides/talks/2…

YouTube

English

149

14.2K

Crusaders of Rust@cor_ctf·24 Kas

Our @hexacon_fr talk is out on Youtube now😎 youtu.be/C-52Gwmce3w Follow the slides at: storage.googleapis.com/static.cor.tea…

YouTube

English

12K

Crusaders of Rust retweetledi

Hexacon@hexacon_fr·24 Kas

If you missed HEXACON 2025 or want to rewatch some of the talks, they’re now available on our YouTube channel 📽️ Enjoy the content, and see you in 2026! youtube.com/playlist?list=…

English

133

27.9K

Crusaders of Rust@cor_ctf·13 Kas

Congrats @ryaagard 👀 We will not be connecting to any Minecraft servers you host.

OtterSec@osec_io

Our research team achieved client RCE on Minecraft Bedrock Edition via a heap overflow to bypass ASLR and sidestep CFG. Writeup to come.

English

149

10.3K

Crusaders of Rust@cor_ctf·13 Eki

We at CoR (+ @u1f383) had a great experience at @hexacon_fr this weekend Met many skilled VR people, the venue was amazing, and the speaker gifts were simply🔥 Best offensive security conference we have seen so far - thanks again to the organizers for the opportunity!

English

9.2K

Crusaders of Rust retweetledi

Hexacon@hexacon_fr·11 Eki

An RbTree Family Drama: Exploiting a Linux Kernel 0-day Through Red-Black Tree Transformations by William Liu and Savino Dicanosa

English

3.4K

Crusaders of Rust@cor_ctf·24 Eyl

Wanna learn how to perform OOP in functional programming all in Google Sheets? Come check out our team member @MaxCai33447144 research, which he made into a corCTF 2025 challenge! cor.team/posts/corctf-2…

English

1.7K

Crusaders of Rust@cor_ctf·17 Eyl

We have a🔥presentation ready for Hexacon. Come grab a beer with us afterwards! See everyone in Paris🇫🇷🫡

Hexacon@hexacon_fr

📢 An RbTree Family Drama: Exploiting a Linux Kernel 0-day Through Red-Black Tree Transformations by William Liu & Savino Dicanosa

English

3.3K

Crusaders of Rust@cor_ctf·14 Eyl

Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) willsroot.io/2025/09/ksmbd-… Cheers to @u1f383 for finding these CVEs + the OffensiveCon talk from gteissier & @laomaiweng for inspiration!

English

201

760

81.1K

Crusaders of Rust@cor_ctf·12 Eyl

Check out our teammate's retrospective on his kernel fuzzing summer: willsroot.io/2025/09/syz-su… It covers a net/sched fuzzing quirk (inspiring HangBuzz101 in corCTF), and summarizes the kernelCTF adventures of our team. Another really cool exploit write-up will drop this Sunday 👀

English

7.5K

Crusaders of Rust@cor_ctf·8 Eyl

For corCTF2025 our teammate D3vil (syst3mfailure.io) wrote an Android kernel pwn. Congrats to @u1f383 for the only solve! Make sure to read his writeup!

Pumpkin 🎃@u1f383

Last weekend, I participated in corCTF and solved the Android Pwn challenge - corphone. It was a great challenge, and I learned a lot from it. Here's my write-up :) u1f383.github.io/android/2025/0…

English

4.3K

Crusaders of Rust@cor_ctf·7 Eyl

We recently claimed the cos-113 slot with an exploit for CVE-2024-58240😎 A backport for an exploitable UAF was missed for 6.1.x for the past 1.5 years🧐 Maybe when we have healed from our recent 100k bug bounty typo will we tell the full story🤪

English

6.4K

Crusaders of Rust@cor_ctf·7 Eyl

Per tradition, corCTF rev is just VM rev. Check out these 2 author writeups about VM rev from @MaxCai33447144, our new reverse engineer lead! cor.team/posts/corctf-2… cor.team/posts/corctf-2…

English

6.8K

Crusaders of Rust@cor_ctf·5 Eyl

Come check out our author writeup for corctf-challenge-dev-2 from Drakon: cor.team/posts/corctf-2… Timing side-channel attack against Chromium extensions😎

English

3.1K

Crusaders of Rust@cor_ctf·1 Eyl

corCTF 2025 has ended! Congrats to the top 5: 1. @FlatNetworkOrg 2. @r3kapig @ProjectSEKAIctf 3. The Amazing Digital Orange 4. @TheRomanXpl0it 5. STM Thank you to all of our players and sponsors! @osec_io, Research Innovations, @ret2systems, @trailofbits, @vector35, @googlecloud

English

9.3K

Crusaders of Rust@cor_ctf·31 Ağu

24 hours left in corCTF! Come play if you haven't already, and let's see if there are any big moves in the final day 👀 Our final challenge wave will be dropping shortly.

English

1.5K

Crusaders of Rust@cor_ctf·30 Ağu

Online Safety Act getting in your way? Win £50 or a year of NordVPN in misc/england. Come play corCTF 2025, only 42 more hours to go!

English

Keşfet

@ryaagard @hexacon_fr @u1f383 @MaxCai33447144 @laomaiweng @FlatNetworkOrg @r3kapig @ProjectSEKAIctf