29 Photos and videos
splitline ποΈπββ¬ retweeted
That's a wrap on Pwn2Own Berlin 2026! π $1,298,250 awarded. 47 unique 0-days. 3 days of absolute chaos. And talk about main character energy - congrats to DEVCORE for claiming Master of Pwn with 50.5 points and $505,000 - they never slowed down. See you next year! #Pwn2Own #P2OBerlin
21
96
683
81,740
Booyah it's been confirmed! π splitline (@_splitline_) of DEVCORE Research Team chained 2 bugs to exploit Microsoft SharePoint, earning $100,000 and 10 Master of Pwn points. Massive aura farming this year at #P2OBerlin. Full win! #Pwn2Own
4
13
171
15,827
pure logic bug chain to pwn browser
no memory corruption
found without AI assistance
π is built different omg
Confirmed! Orange Tsai (@orange_8361) of DEVCORE Research Team (@d3vc0r3) chained 4 logic bugs to achieve a sandbox escape on Microsoft Edge, earning $175,000 and 17.5 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin
1
80
7,601
splitline ποΈπββ¬ retweeted
May 8
Honestly, with a little LLM help, I found variants, built a working PoC, and sent a polished patch to maintainer on the same day CopyFail dropped. So Iβm curious why Xint didnβt find those variants before disclosure, assuming AI tools are used heavily in their workflowπ
Disclaimer: Iβm an independent reporter and the patch author of the xfrm-ESP vulnerability, unrelated to the Dirty Frag post.
π₯ Introducing "Dirty Frag"
A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail.
No race, no panic on failure, fully deterministic. ~9 years latent.
Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more.
Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation.
Details:
dirtyfrag.io
5
11
110
26,667
is there any cool non-frontend web ctf challenges this year that aren't llm-solvable π
1
4
830
And this makes sense given how many CTFs are held per year.
However, the ideal CTF challenge, in my opinion, should follow this formula:
"The author conducted a mini-research project and instead of publishing it, turned it into a challenge."
3
15
127
14,374
splitline ποΈπββ¬ retweeted
What Iβve always found amazing about CTFs is that "flag is flag". Whether you found an unintentional solve or pwned the browser with n-day for a XSS challenge, it didn't matter.
I totally get the frustration of AI, but there is no solution other than accepting the change.
Mar 2
I started playing CTFs in 2022, and LLMs definitely changed the **competitive** CTF scene a lot, especially since mid-2025. I also started using LLMs in late 2025. Yes, those models did one-shot many challenges, but what's the fun of slopping them? I learned absolutely nothing π₯²
ALT DaveZero's personal opinion towards AI slopping in CTFs. @Srdnlen CTF 2026 Quals Discord server.
18
38
447
69,545
splitline ποΈπββ¬ retweeted
4 Dec 2025
A POC for CVE-2025-55182
gist.github.com/maple3142/48β¦
32
429
1,968
550,315
splitline ποΈπββ¬ retweeted
26 Jun 2025
A bit late, but I just published my blog post on bypassing Ubuntuβs sandbox! Hope you enjoy it!
u1f383.github.io/linux/2025/β¦
5
110
389
40,735
splitline ποΈπββ¬ retweeted
12 Feb 2025
The blog post is the full version of my talk at 38c3.
It's about some vulnerabilities we found in libarchive and some interesting behaviors of libarchive that you don't want to miss.
My favorite part is it only took us 56 seconds to trigger a crash by AFL .
Our latest deep dive explores libarchive vulnerabilities under recent Windows 11 updates. ππ
Check out NiNi's (@terrynini38514) technical write-up for key insights and security implications.
Read more here: devco.re/blog/2025/02/12/froβ¦
#VulnerabilityResearch
#Cybersecurity
18
80
14,272
π€Congrats Orange(@orange_8361) and Splitline(@_splitline_) on making it to 2024 Top 10 Web Hacking Techniques!
Check out their groundbreaking research: portswigger.net/research/topβ¦
4
34
2,633
26 Dec 2024
I will drop one web challenge there πββ¬
17
2,075
11 Dec 2024
Our hackathon for that website Worst.Fit was done successfully π₯°
11 Dec 2024
Our talk at #BHEU is done! Hope you all enjoyed it. π A detailed blog is on the way, but in the meantime, check out the pre-alpha website worst.fit/ for early access and the slides!
Huge thanks to @BlackHatEvents and my awesome co-presenter @_splitline_! πβ
1
2
22
3,653
2 Oct 2024
Cool findings πββ¬
2 Oct 2024
Remember CVE-2024-4577, the PHP-CGI RCE bypass? Actually, the Best-Fit 'feature' also impacts non-CJK codepages such as locales in the Americas, Western Europe, Oceania, and more! @_splitline_ and I will share these cool findings at @BlackHatEvents! π₯
Let's make argument injection great again! π
blackhat.com/eu-24/briefingsβ¦
1
10
2,626
Excited to share our research on Kernel Streaming! We discovered several vulnerabilities in it that we used at Pwn2Own this year.
Check it out: devco.re/blog/2024/08/23/strβ¦
5
124
327
45,844
22 Aug 2024
I made one harder challenge πββ¬
wargame.d3vc0r3.tw/
I've prepared 3 easy wargame challenges for HITCON CMT 2024 event, plus my coworker's challenge for a total of 7 challenges. I hope everyone enjoys themπ₯³
1
10
2,400