@Chocologicall profile picture
Jia Hao @Chocologicall

Patience is a virtue. Every puzzle has an answer. | Opinions expressed are of my own.

Joined July 2012
  • Tweets 749
  • Following 265
  • Followers 510
1 Photos and videos
Jia Hao retweeted
starlabs@starlabs_sg
22 Jul 2024
As promised, we are releasing the source code & writeup for the #OffByOneConf badge 1 month after the event, allowing interested participants the opportunity to explore it. Thanks largely to Manzel, other team members & interns who help to make it happen. starlabs.sg/blog/2024/07-bad…
19
55
4,882
Jia Hao retweeted
Ngo Wei Lin@Creastery
6 May 2024
Check out my write-up on a seemingly harmless and limited send() in GitHub (CVE-2024-0200) and how it could be used to obtain environment variables from a production container and to achieve remote code execution in GitHub Enterprise Server: starlabs.sg/blog/2024/04-sen…

5
84
241
40,117
Jia Hao retweeted
starlabs@starlabs_sg
18 Mar 2024
Route to Safety: Navigating Router Pitfalls is the swansong from @daniellimws starlabs.sg/blog/2024/route-… We hope everyone enjoyed his informative post and wish him all the best in his future endeavours.

2
29
60
12,907
Jia Hao retweeted
starlabs@starlabs_sg
23 Feb 2024
We are organising a conference on 26th - 27th June 2024 Attention Speakers: Our 2024 Call for Papers is now open! #OffByOne2024? Learn all about it: offbyone.sg/cfp/

OFF-BY-ONE 2026 - Singapore // 14-15 Sept

Off-by-One is Singapore's annual cybersecurity conference for the offensive security community. Two days of deeply technical talks covering vulnerability research, reverse engineering, exploit...

offbyone.sg
1
22
63
19,883
Jia Hao retweeted
Off-By-One Conference@offbyoneconf
3 Feb 2024
Off-by-One 2024 Conference CFP is now opened! Be part of a historical event and shape the future of offensive security in this region. Submission and speaker benefits offbyone.sg/cfp/ If you like to talk to us, drop us a line at info@offbyone.sg
18
33
8,392
Jia Hao retweeted
starlabs@starlabs_sg
8 Dec 2023
Great to see that some of the bugs that we reported to ICS vendors had been fixed. Thanks to @Peterpan980927 & @CurseRed for CVE-2023-6358 industrial.softing.com/servi… And @testanull for CVE-2023-39474 support.inductiveautomation.… More to come soon.

Security Information | Softing

industrial.softing.com
1
7
31
11,457
Jia Hao retweeted
starlabs@starlabs_sg
28 Nov 2023
Several Chamilo RCE detailed analysis from our team member, @Creastery Patches available since September 2023. starlabs.sg/advisories/23/23… starlabs.sg/advisories/23/23… starlabs.sg/advisories/23/23… starlabs.sg/advisories/23/23… starlabs.sg/advisories/23/23… starlabs.sg/advisories/23/23…

(CVE-2023-4220) Chamilo LMS Unauthenticated Big Upload File Remote Code Execution

Summary Product Chamilo Vendor Chamilo Severity High - Adversaries may exploit software vulnerabilities to obtain unauthenticated remote code execution. Affected Versions <= v1.11.24 Tested Versions...

starlabs.sg
13
65
16,769
Jia Hao retweeted
starlabs@starlabs_sg
14 Nov 2023
Our team members have spotted another fake account imposing as our team member. This is the fake account: linkedin.com/in/振… This one belongs to our team member. linkedin.com/in/zhenpeng-pan…

1
7
14
18,815
Jia Hao retweeted
starlabs@starlabs_sg
1 Nov 2023
9 Bug reports, 8 CVEs, 7 months to get these advisories public. Our team member, @CurseRed & (former) intern, @junr0n found multiple vulnerabilities in Bitrix24 (after spending 1month on it) Please read the technical details in the security advisories:
3
3
44
12,547
Jia Hao retweeted
starlabs@starlabs_sg
1 Nov 2023
Our team member, @Chocologicall , found 2 vulnerabilities in Dolibarr ERP CRM Please read the security details in the technical advisories here: starlabs.sg/advisories/23/23… starlabs.sg/advisories/23/23… CVE-2023-4197 & CVE-2023-4198

(CVE-2023-4197) Dolibarr ERP CRM (<= 18.0.1) Improper Input Sanitization Authenticated RCE

Summary: Product Dolibarr ERP CRM Vendor Dolibarr Severity High Affected Versions <= 18.0.1 Tested Versions 17.0.1, 18.0.1 CVE Identifier CVE-2023-4197 CVE Description Improper input validation in...

starlabs.sg
5
31
4,974
Jia Hao retweeted
starlabs@starlabs_sg
27 Oct 2023
Awesome work by our team members @testanull @hi_im_d4rkn3ss @linhlhq @tuanit96 & @st424204 for their successful entries x.com/thezdi/status/17169579… x.com/thezdi/status/17169271… Not forgetting the rest of our team members who attempted to find bugs for P2O amid a hectic schedule

TrendAI Zero Day Initiative
@thezdi
24 Oct 2023
Success! STAR Labs SG was able to execute a 2-bug chain including directory traversal and command injection against the QNAP TS-464. They earn $20,000 and 4 Master of Pwn points. #Pwn2Own
1
8
55
8,682
Jia Hao retweeted
starlabs@starlabs_sg
29 Sep 2023
Our team member, @Creastery , & our former intern, @oceankex, prepared this some time ago. "Analysis of NodeBB Account Takeover Vulnerability (CVE-2022-46164)" starlabs.sg/blog/2023/09-ana… While writing this, they found another bug starlabs.sg/advisories/23/23… We hope you enjoy it

Analysis of NodeBB Account Takeover Vulnerability (CVE-2022-46164)

Back in January 2023, I tasked one of our web security interns, River Koh (@oceankex), to perform n-day analysis of CVE-2022-46164 as part of his internship with STAR Labs. The overall goal is to...

starlabs.sg
8
52
8,567
Jia Hao retweeted
starlabs@starlabs_sg
25 Sep 2023
Do check out this new advisory made public by our team member, @Chocologicall It's CVE-2023-2315, Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 starlabs.sg/advisories/23/23…

(CVE-2023-2315) Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2

Summary: Product OpenCart Vendor OpenCart Severity High - Adversaries may exploit software vulnerabilities to empty any file on the server with write permissions. Affected Versions 4.0.0.0 - 4.0.2.2...

starlabs.sg
8
34
4,393
Jia Hao retweeted
Mehmet INCE
@mdisec
31 Aug 2023
Awesome research !! 🤘❤️ This remind me a research that I've done 6 years ago on the Trend Micro product family. I specially focused on these PHP bugs👇 pentest.blog/one-ring-to-rul…

Jia Hao@Chocologicall
31 Aug 2023
I've finally published the advisories regarding the Trend Micro bugs that I shared at #HITCON! Do check them out at @starlabs_sg's advisory page: starlabs.sg/advisories/ 🏌️‍♂️CVE-2023-32530 is an interesting case of SQLi to RCE: starlabs.sg/advisories/23/23…
1
2
19
10,766
Jia Hao@Chocologicall
31 Aug 2023
I've finally published the advisories regarding the Trend Micro bugs that I shared at #HITCON! Do check them out at @starlabs_sg's advisory page: starlabs.sg/advisories/ 🏌️‍♂️CVE-2023-32530 is an interesting case of SQLi to RCE: starlabs.sg/advisories/23/23…

Advisories

CVE advisories and vulnerability reports published by STAR Labs.

starlabs.sg
41
165
79,663
Jia Hao retweeted
starlabs@starlabs_sg
22 Aug 2023
We have just uploaded the slides by @Chocologicall github.com/star-sg/Presentat… and by @CurseRed github.com/star-sg/Presentat… Thanks a lot to @HacksInTaiwan for organising a fantastic conference and our team members are truly honored to participate in it.
19
49
6,582
Jia Hao@Chocologicall
18 Aug 2023
Looking forward for the next 2 days! #HITCON
4
881
Jia Hao@Chocologicall
21 Jul 2023
Excited to share my findings with all :)
starlabs@starlabs_sg
21 Jul 2023
Looking forward to the look by our team member @Chocologicall
5
1,198
Jia Hao retweeted
starlabs@starlabs_sg
13 Jul 2023
These bugs are found by our former team member, @PTDuy but it took us a long time/process. We pluck up our courage and ask @minliangtan via FB. Mr Tan replied us instantly & directed us to Razer's security team. We are forever greatly to Mr Tan youtube.com/watch?v=A53hBiLQ…

Demo on Razer EoP Exploits - CVE-2023-3513 & CVE-2023-3514

This is the demo of CVE-2023-3514. RazerCentralSerivce unsafe Named...

youtube.com
12
34
4,566
Jia Hao@Chocologicall
14 May 2023
🤩
TheZDIBugs@TheZDIBugs
12 May 2023
[ZDI-23-587|CVE-2023-32523] Trend Micro Mobile Security for Enterprises widget WFUser Authentication Bypass Vulnerability (CVSS 9.8: Credit: Poh Jia Hao of STAR Labs SG Pte. Ltd.) zerodayinitiative.com/adviso…
1
8
1,326
Load more