2 Photos and videos
Introducing HTTP/2 Bomb: a remote DoS in nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora. A single client pins 32GB of server memory in 10s. Found by Codex.
Blog post: blog.calif.io/p/codex-discov…
PoCs: github.com/califio/publicati…
25
438
2,011
184,774
rekter0 retweeted
May 12
Microsoft is investigating mistralai PyPI package v2.4.6 compromise. Attackers injected code in mistralai/client/__init__.py that executes on import, downloads hxxps://83[.]142[.]209[.]194/transformers.pyz to /tmp/transformers.pyz, and launches a second-stage payload on Linux. The file name transformers.pyz appears deliberately chosen to mimic the widely used Hugging Face Transformers library and blend into ML/dev environments.
The main payload is a credential stealer, but it also includes country-aware logic; it avoids Russian-language environments and contains a geo fenced destructive branch that has 1-in-6 chance of executing rm -rf / when the system appears to be in Israel or Iran.
To mitigate this threat: isolate affected Linux hosts, block 83[.]142[.]209[.]194, hunt for /tmp/transformers.pyz, pgmonitor[.]py, and pgsql-monitor.service, and rotate exposed credentials.
ALT Screenshot of mistralai PyPI package v2.4.6 compromise
32
833
8,531
413,198
can we please get the libxml2 and ffmpeg people some cold cash, lambo's and decent quality blow as a token of appreciation for all the ASAN splats we throw over the fence and want to have fixed pronto? I know one man's trash (CVE's) is another man's treasure, but we gotta respect and support these hardworking devs a bit more. how else do you expect to play back (x-rated) flicks that come in esoteric video container formats or correctly render SVG's containing vector depictions of your favorite animals in safari?
1
11
88
8,578
rekter0 retweeted
26 Aug 2025
I discovered how to use CSS to steal attribute data without selectors and stylesheet imports! This means you can now exploit CSS injection via style attributes! Learn how below:
portswigger.net/research/inl…
ALT <div style='--val: attr(data-uid); --steal: if(style(--val:"1"): url(/1); else: if(style(--val:"2"): url(/2); else: if(style(--val:"3"): url(/3); else: if(style(--val:"4"): url(/4); else: url(/5))))); background: image-set(var(--steal));' data-userid="3">
13
86
361
26,622
rekter0 retweeted
13 Aug 2025
🥈 Thrilled to nab 2nd as Blue Water, teamed up with @perfect_blue at DEFCON CTF Final 33!
🙌 Congrats to @mmm_ctf_team for their 4th straight 1st
💪 We’re gunning for the crown next year! Join our crew to make it happen! DM us or drop us an email! 🚀
#DEFCON #CTF
2
9
42
9,301
rekter0 retweeted
17 Jul 2025
I just learned that OSC8 (hyperlinks) in Windows Terminal uses ShellExecute(). Excellent trolling potential for README files 😆
14
85
470
55,743
rekter0 retweeted
9 Dec 2024
🧵 [1/4] Here is our DOMPurify 3.2.1 bypass, using a namespace confusion technique where each element is initially in a “correct” namespace.
When it was allowed, the ‘is’ attribute was not handled correctly, making the attribute content’s regex check obsolete.
#mXSS #XSS
2
40
146
17,264
rekter0 retweeted
1 Dec 2024
Jesse Pollak showing the ease of onboarding with Onflow.
16
27
138
69,315
rekter0 retweeted
16 Nov 2024
Trade onchain with counterparties, not addresses, privately.
Finally, a small demo of the Onflow protocol, fully computed proof in zero-knowledge with no internet required.
Going live on Base soon, and many other ecosystems.
1-click ZK-KYC, everywhere, imminent✨
8
10
71
13,810
rekter0 retweeted
26 Dec 2023
📝Another fantastic write-up about the Remedy Closed Beta Challenge. Dive into details r0.haxors.org/posts?id=43
Big kudos to @rekter0 for this comprehensive breakdown🙏
Curious about and want to give it a shot? Join us on Discord to explore and take part discord.gg/q5kZAH7kN5
1
4
19
1,348
rekter0 retweeted
10 Sep 2023
Thx for hosting such a great CTF. Great team work with @pb_ctf. Congraz to *0xA and MMM. See you guys in Final!
10 Sep 2023
#HITCONCTF2023
After 48 hours of fighting, the HITCON CTF 2023 Qualification has finally ended.
Top 3 teams
🥇Blue Water
🥈*0xA
🥉MMM
Top 1 Taiwanese team
🎖Flag Connoisseur
We’re now reviewing the final results, the full finalists will be officially announced afterwards.
6
20
5,349
rekter0 retweeted
22 Aug 2023
Blue Water places 2nd place in DEF CON CTF Finals!
Blue Water is a merger of @pb_ctf @Water_Paddler Samsung Research Tea Deliverers.
Thank you to @Nautilus_CTF for the great CTF, and shoutout to all the other finalists!
See you next year? 😉
4
16
83
13,550
Multiple vulns in vestacp including 2 privesc found with @0xkasper
26 Apr 2022
🚨 New advisory was just published! 🚨
Find out how multiple vulnerabilities in VestaCP allow remote attackers to obtain root access and take over the product:
ssd-disclosure.com/ssd-advis…
2
3
26
impressCMS - unauthenticated code execution
r0.haxors.org/posts?id=8
4
46
136
Exploiting NFS server via SSRF
#HITCON CTF 2021 Metamon-Verse Writeup
r0.haxors.org/posts?id=27
1
51
168
Moodle Blind SQL injection via MNet authentication
r0.haxors.org/posts?id=26
15
39