Pentester | Bug Hunter 🇫🇷
Joined May 2014
- Tweets 134
- Following 574
- Followers 812
- Likes 1,577
5 Photos and videos
Hi,
Here is a small article of critical vulnerabilities we found on SPIP/Root-Me.
You will find the exploitation of a CSRF and the bypass of the @TheLaluka RCE fix.
spawnzii.github.io/posts/202…
7
34
87
SpawnZii retweeted
10 Feb 2025
Heyo ! 🍺
Prochain stream demain Mardi 11 Fev à 21h !
Au programme :
- Intro Actus & Mini Techno-Watch
- Then GestSup Pwning avec @_Worty & @SpawnZii 🧨
See you there !
➡️ twitch.tv/thelaluka
4
16
3,418
Just got a reward for a critical vulnerability submitted on @yeswehack -- SQL Injection (CWE-89). yeswehack.com/hunters/spawnz… #YesWeRHackers
3
3
55
2,193
SpawnZii retweeted
18 Oct 2024
Just published a quick blogpost about my failing journey trying to get a valid entry for this edition.
link.medium.com/AJgtsUo2MNb
I'll keep trying until I succeed!
In the meantime I wish good luck to all participants and may the demo God be with you 🤘
17 Oct 2024
Registration for #Pwn2Own Ireland is officially closed!! We officially have a plethora of attempts, which means a lot to us. Tune in for the drawing for order next Monday, Oct 20, 14:30 Cork time (GMT 1) youtube.com/live/Km4nRs9HexM…
3
11
52
7,577
SpawnZii retweeted
11 Jul 2024
🎵 Please don't pwn the music 🎵
Who could say no to a party before a #LHE? Not our bug hunters! They joined our pre-hack party last Friday after an exciting 1st day at @_leHACK_. With fresh beer, great music & amazing people, it was surely a night to remember!
#HackThePlanet
2
6
36
3,621
Just got a reward for a critical vulnerability submitted on @yeswehack -- OS Command Injection (CWE-78). #YesWeRHackers
3
30
1,780
SpawnZii retweeted
12 May 2024
Awesome work from @aituglo !
Try hackyx.io for learning, find way to exploit vulnerabilities, read write up. It’s a real game changer and it’s free !
Send us your suggestions for data to scrape or feel free to contribute to the github repo. 😁
12 May 2024
Hackyx now fully has filters to easily find anything !
hackyx.io
Also a big thanks to @Wlayzz for adding huntr.dev/ reports
3
13
1,804
Yay, I was awarded a $12,000 bounty with @Chackal__ on @Hacker0x01! hackerone.com/spawnziii #TogetherWeHitHarder
HackerOne profile - spawnziii
French student in cybersec - https://spawnzii.github.io/
hackerone.com 11
1
165
9,885
Slightly late, but I was also lucky enough to take part in HMIF @yeswehack at @LouisVuitton
A great event with great people !
20
1,089
SpawnZii retweeted
27 Mar 2024
I've stumbled upon another security issue with macro execution in @LibreOffice! 😅
2
5
34
2,582
SpawnZii retweeted
22 Jan 2024
Our ninja @_Worty in collaboration with @SpawnZii (from @Bzhunt1) found 5 vulnerabilities allowing to compromise accounts and execute arbitrary commands on GestSup. Update to 3.2.45 and read the security details in the technical advisory: synacktiv.com/advisories/mul…
21
64
12,139
SpawnZii retweeted
11 Jan 2024
Our ninja @_Worty identified a remote code execution from a privileged user in Cisco Access Point WAP371. This vulnerability referenced as CVE-2024-20287 will not be patched, apply network restrictions to protect your appliances.
synacktiv.com/advisories/rem…
7
35
170
12,006
SpawnZii retweeted
21 Dec 2023
In September, I looked into mlflow, and found several critical vulnerabilities 😁
Most of these reports are now patched and publicly available here: huntr.com/users/kevin-mizu
My favorite one involves a fully controlled file write via a custom rogue FTP 👇huntr.com/bounties/029a3824-…
6
19
97
7,610
SpawnZii retweeted
11 Dec 2023
📣 Give it up to the brave survivors of Brains & Bytes 📣
#UniversityCTF23 has come to an end, and these are its champions:
🥇 @GCC_ENSIBS
🥈 @EsnaBretagne
🥉 @Phreaks2600
Thank you, everyone, for participating in the epic #CTF, and of course, stay tuned for more to come 😉
#HackTheBox #HTB #Cybersecurity #CaptureTheFlag
6
26
155
17,365
SpawnZii retweeted
14 May 2023
Un immense merci à l'organisation du @HeroCTF pour son infra et ses challenges d'une qualité exceptionnelle ! 👏
Bravo à tous les participants et félicitations à nos joueurs @0xItarow @shinji_01h @Gaburall @SpawnZii @Atlas453_ pour leur performance ! 🔥🔥
End of the CTF ! 🔥
The writeups will be available shortly: github.com/HeroCTF/HeroCTF_v…
GG to everyone and to the winners @MedusHack !
Many thanks to our sponsors 🙏
Really hope you enjoyed😄
2
7
28
3,470
End of the CTF ! 🔥
The writeups will be available shortly: github.com/HeroCTF/HeroCTF_v…
GG to everyone and to the winners @MedusHack !
Many thanks to our sponsors 🙏
Really hope you enjoyed😄
2
15
58
21,414
SpawnZii retweeted
11 May 2023
[THREAD] Les intimidations de 2600 après le PWNME, quelle ambiance ! 1/10
6
57
152
129,426
Très fier de finir à la première place avec les potes de l’ @EsnaBretagne :)
Gg a vous @Atlas453_ @DinerHell @0xItarow @Gaburall @SpawnZii @iHuggsy @D1n0x0r & d’autres :)
Huge play aux potes de @gcc_ensibs , on a eu chaud vous étiez bouillant :p
6 Apr 2023
Voici le classement complet de cette #EC2 2023 ! 🏆
Un grand bravo aux ESNARCOTRAFIQUANTS pour leur victoire ! 👏
ALT Classement final de l'EC2 2023
15
15
106
13,636
CVE-2022-37155 RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via a GET parameter cve.mitre.org/cgi-bin/cvenam…
3
9