Zhihua Yao

@hackyzh

bug hunter & binary researcher

China Hangzhou
Vrijeme pridruživanja: veljača 2018.

Tweetovi

Blokirali ste korisnika/cu @hackyzh

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @hackyzh

  1. proslijedio/la je Tweet
    31. sij

    CVE-2019-1406 : Microsoft Jet Engine ColumnLvText Type Confusion CVE-2019-1250 : Microsoft Jet database Record::IsNull Memory Corruption Found by &

    Poništi
  2. 25. sij

    I don't know why there two kinds of information disclosure,but there is no bounty for critical of information disclosure.😭

    Poništi
  3. 17. sij

    I got some excel crashes on my fuzz interface, I'm happy, but it didn't save the results😪 WTF

    Poništi
  4. 16. sij

    I hope to dig out browser vulnerabilities and write exploits that can be used, but the strength does not allow.🤣

    Poništi
  5. proslijedio/la je Tweet
    15. sij

    Our researchers ( and ) successfully reproduced CVE-2020-0601, which is the crypto bug in Microsoft Windows reported by NSA!!

    Poništi
  6. 11. sij

    I really hate null pointers, you feel happy when you find that your fuzzer has results, and then when you find null pointers, you feel fucked.

    Poništi
  7. 8. sij

    The result I fuzzed, Is this stack buffer overflow?

    Poništi
  8. 7. sij

    oneplus src has a bad experience, I submitted it on the 20th, and today they replied that they already knew the problem.Although this vulnerability I quickly discovered.😓

    Poništi
  9. 7. sij
    Poništi
  10. 31. pro 2019.

    When I searched for attack surface fuzz in excel, I found this.Interesting, but currently neither of these vulnerabilities can be exploited, it is a pity

    Poništi
  11. 22. pro 2019.

    At first I thought it was a heap overflow, so does anyone recognize what the vulnerability is?😂

    Poništi
  12. 9. pro 2019.

    This seems to be an out-of-bounds vulnerability. I'm not very good at exploit develop.Can someone give some tutorials on how to develop exploit for GDI vulnerability? Today is unlucky, my alien host is stuck on the login interface when entering the Windows 10 system😂

    Poništi
  13. 24. stu 2019.

    Does anyone know that the microsoft user state vulnerability has a bounty?like this

    Poništi
  14. 5. stu 2019.
    Poništi
  15. 3. stu 2019.
    Poništi
  16. 1. stu 2019.

    I found a open redirect vuln,but can't convert to xss.Anyone else could bypass browser limit?😀

    Poništi
  17. 17. lis 2019.

    Today I have received the swag,thanks msrc. 😂But it seems a bit ugly.

    Poništi
  18. 28. ruj 2019.

    Does anyone know which cloud vendor this belongs to, can it be subdomain takeover?

    Poništi
  19. 17. ruj 2019.

    I submitted 3 xss vulnerabilities about dynamic 365 to Microsoft, but only one got $3000, and the other two said that due to permissions, it was normal design.😪

    Poništi
  20. 8. kol 2019.

    I found that this vulnerability has been fixed and cannot be reproduced.This is too fast. I want to try other things to make this report effective. This feeling is really not very good.😢

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·