I just received a $140K bounty reward for submitting two critical bug report on @immunefi!
#Web3bounty
Nolan | Exvul
1,932 posts
Nolan | Exvul
@ma1fan
- this is our analysis of the tcpip vulnerability cve-2022-34718 including PoC
- a lot of exploit tricks :)
- here is the poc CVE-2019-6207,kernel heap info leak , which can trigger in macOS && iOS sandbox, I will update more details about the vulnerability,enjoy it!I will release the Poc and writeup for CVE-2019-8540 ,CVE-2019-6207 which found by myself.😜
github.comGitHub - maldiohead/CVE-2019-6207: xnu kernel heap info leakxnu kernel heap info leak. Contribute to maldiohead/CVE-2019-6207 development by creating an account on GitHub. - Lol, I found a stack overflow in a famous blockchain protocol.😆
- Yes, I did it again, big thanks @immunefi , with their mediation, The team send the bounty to me in the end
- I found a critcal bug in a wallet which have 100k+ users,which the attacker can stolen user's privatekey, I reported to the team,The team obtained the bug details, then deleted the chat(in TG). They claimed it wasn't a security vulnerability and fixed it quietly, no any
- Replying to @wangzhian8848王局回避事实,故意阴阳自己,来博得同情,其实这种小伎俩王局最擅长。最有力的回击应该是用事实来说明,这种小丑行为只能更加坐实李沁说的是事实。太搞笑了,说明王局黔驴技穷了
- here is the poc of CVE-2019-8540I will release the Poc and writeup for CVE-2019-8540 ,CVE-2019-6207 which found by myself.😜github.comGitHub - maldiohead/CVE-2019-8540: Kernel Stack info leak at exportObjectToClient functionKernel Stack info leak at exportObjectToClient function - maldiohead/CVE-2019-8540
