Gwangun Jung

148 posts

Gwangun Jung

@pr0Ln

Security Researcher. Pwn2own Winner (Vancouver 2024)

Katılım Temmuz 2010

124 Takip Edilen435 Takipçiler

Gwangun Jung@pr0Ln·22 Oca

Congratulations!

TrendAI Zero Day Initiative@thezdi

Another collision! @fluorite_pwn, @YunjeShin, @yskm_Gunter, @Mafty5275, @clay419, @vvsy46, and @won6_choi of BoB::Takedown targeted the Grizzl-E Smart 40A, hitting one collision and one unique 0-day, earning $15,000 USD and 3 Master of Pwn points. #Pwn2Own #P2OAuto

Gangnam-gu, Republic of Korea 🇰🇷 English

257

Gwangun Jung retweetledi

TrendAI Zero Day Initiative@thezdi·22 Oca

English

4.7K

Gwangun Jung@pr0Ln·15 May

Congregation! They are our mentees who studied in the 13th BoB (Best of Best) offered by Kitri of Korea.

TrendAI Zero Day Initiative@thezdi

Confirmed! Their enthusiasm was rewarded as they used an integer overflow to escape #Oracle VirtualBox and execute code on the underlying OS. They earn $40,000 and 4 Master of Pwn points. #Pwn2Own #P2OBerlin

Gwangjin-gu, Republic of Korea 🇰🇷 English

1.1K

Gwangun Jung@pr0Ln·15 May

They are my mentees who studied in the BoB (Best of Best) 13th education program offered by Kitri of Korea.

Gwangjin-gu, Republic of Korea 🇰🇷 English

186

Gwangun Jung@pr0Ln·15 May

@thezdi @d4m0n_8 🎊 congratulations !!

Gwangjin-gu, Republic of Korea 🇰🇷 English

427

TrendAI Zero Day Initiative@thezdi·15 May

Confirmed! Hyeonjin Choi (@d4m0n_8) of Out Of Bounds earns $15,000 for a third round win and 3 Master of Pwn Points by successfully using a type confusion bug to escalate privileges in #Windows11 #Pwn2Own #P2OBerlin

English

8.7K

Gwangun Jung@pr0Ln·15 May

오 1일차 2등 ㅋㅋ

TrendAI Zero Day Initiative@thezdi

And that bring Day One of #Pwn2Own Berlin to a close. We awarded $260,000 today, but more great research is yet to come. STAR Labs has an early lead on Master of Pwn, but it's anyone's game at this point. Stay tuned for more results as we go.

Gwangjin-gu, Republic of Korea 🇰🇷 한국어

444

Gwangun Jung@pr0Ln·15 May

Congratulations, my coworkers!

TrendAI Zero Day Initiative@thezdi

We have another collision. Hyunwoo Kim (@V4bel) and Wongi Lee (@_qwerty_po) of Theori were able to escalate to root on Red Hat Linux with an info leak and a UAF, but one of the bugs used was an N-day. They still win $15,000 and 1.5 Master of Pwn points. #Pwn2Own

Gwangjin-gu, Republic of Korea 🇰🇷 English

1.1K

Gwangun Jung@pr0Ln·16 Kas

@J_kangel Wow! Congratulations!

English

2.5K

kangel@J_kangel·15 Kas

Our first vmware escape! Very luck to found a bug and finished the exploitation within 3 months.

English

146

2.1K

121.3K

Gwangun Jung retweetledi

Hexacon@hexacon_fr·5 Eki

Utilizing Cross-CPU Allocation to Exploit Preempt-Disabled Linux Kernel by Mingi Cho & Wongi Lee #HEXACON2024

English

7.9K

Gwangun Jung@pr0Ln·4 Eki

Thank you for listening to our presentation. If you have any questions, please DM(or email) me or @bbbig12.

Hexacon@hexacon_fr

Guest Revolution: Our Story of Compromising the Host Kernel from the VMware Guest by @bbbig12 & @pr0Ln #HEXACON2024

Paris, France 🇫🇷 English

2.7K

Gwangun Jung@pr0Ln·3 Eki

Thanks for awesome gifts. @hexacon_fr

Paris, France 🇫🇷 English

1.1K

Gwangun Jung@pr0Ln·1 Eki

Now, We are in Paris.

Paris, France 🇫🇷 English

398

Gwangun Jung@pr0Ln·27 Ağu

Our CFP was accepted by hexacon. See you in Paris! #hexacon

English

1.8K

Gwangun Jung retweetledi

TrendAI Zero Day Initiative@thezdi·22 Ağu

During #Pwn2Own Automotive, the team from @Synacktiv used 2 bugs to take over the #Autel Maxicharger. Our latest blog takes a brief look at how they did it, and how Autel patched it. zerodayinitiative.com/blog/2024/8/22…

English

6.7K

Gwangun Jung retweetledi

Alan Sguigna@AlanSguigna·18 Ağu

Debugging Hyper-V: 1. Halt in hvix64. 2. Set VM Resume breakpoint. 3. Turn on Intel Processor Trace. 4. Break in the Secure Kernel. Record all Intel PT executed instructions by reading Host mode memory from within Guest mode. Hopefully cool video for hypervisor enthusiasts.

English

197

17.6K

Gwangun Jung@pr0Ln·9 Ağu

@_qwerty_po Please buy and bring a new bug for me as a present when you return.😉

English

160

qwerty@_qwerty_po·8 Ağu

See you at DEF CON!

English

1.4K

Gwangun Jung retweetledi

The Haag™@M_haggis·1 Ağu

🚨 solid writeup on CVE-2024-21338! Learn how a clever AppLocker driver exploit bypasses SMEP & kCFG. Two paths to SYSTEM access revealed. Worthy read! Great work by @crowdfense crowdfense.com/windows-apploc…

English

4.5K

Gwangun Jung retweetledi

0xor0ne@0xor0ne·2 Ağu

Very interesting series on dynamically hooking Golang programs Part 1: blog.quarkslab.com/lets-go-into-t… Part 2: blog.quarkslab.com/lets-go-into-t… Credits Mihail Kirov and Damien Aumaître (@quarkslab) #infosec

Français

247

13.3K

Gwangun Jung@pr0Ln·6 Tem

@_qwerty_po Just joke 😃 Congratulations again!

English

172

qwerty@_qwerty_po·6 Tem

@pr0Ln Oh... This is a rather dangerous proposal lol

English

132

qwerty@_qwerty_po·6 Tem

Exploit mitigation kernel but IDK it is legal(using Slab OOB). I thought it could bypass protections similarly at UAF. However.... anyway exploited?

English

Gwangun Jung@pr0Ln·6 Tem

@_qwerty_po Great! The seat next to me is always empty. See you on Monday!

English

128

qwerty@_qwerty_po·6 Tem

@pr0Ln Yep, right

English

252

Keşfet

@fluorite_pwn @YunjeShin @yskm_Gunter @Mafty5275 @clay419 @vvsy46 @won6_choi @thezdi