About

I’m Pumpkin (@u1f383), is a security researcher at DEVCORE and a member of the Balsn CTF team. I focus on Linux kernel, hypervisor, and browser security.

The following slides are from my talks. I hope you find them useful 🙂.

• [POC 2024] How I use a novel approach to exploit a limited OOB on Ubuntu at Pwn2Own Vancouver 2024 (English, uploaded on November 13, 2024)

I also participate in some study groups and will occasionally share some slides here that might be useful (most of them are written in Traditional Chinese, haha).

• (Linux userspace) Link Start - Dynamic Linking (Written on February 27, 2022)
• (Linux kernel) Two kernel pwn chals in corCTF (Written on October 13, 2022)
• (Virtual machine) Hypervisor 從入門到放棄 - 兩道題目學習 hypervisor 安全 (Written on March 19, 2023)
• (Linux kernel) HITCON CTF 2022 Fullchain - Knote2 (Kernel Exploitation) (Written on April 29, 2023)
• (Chrome v8) V8 Promise - 透過三個 CVE 來了解 V8 Promise 底層實作 (Written on February 18, 2024)
• (Linux kernel) Linux Kernel Network Security (1) (Written on June 29, 2024)