CTF Player @FlappyPig @r3kapig
Security researcher working @chaitin
Focus on Vulnerability Discovering
Active in CTF, PWN/Reverse
《CTF特训营:技术详解、解题方法与竞赛技巧》 one of the authors
2018.09-2018.10 2018 GeekPwn of Team Piggy mine
Exploit vulnerabilities on a series of smart devices, use them as mining machines.
Won Best Show award.
2019.07 GeekPwn & Huawei Smart device Security Challenge of chaitin
2019.10.24 GeekPwn, As a member of Chaitin, the project is to pwn MAXHUB.
2021 天府杯最佳漏洞复现 && Docker and Ubuntu/CentOs Pwned
2021 作为0x300成员获得首届信创关键产品安全挑战赛第二名
2023 作为0x300成员获得 CSST 天网杯二等奖
2023 作为“跃哥我真不会啊战队”成员获得 Datacon 漏洞分析赛道第一
*《SHFuzz: Service handler-aware fuzzing for detecting multi-type vulnerabilities in embedded devices》
2024 年 0x300 天网杯信创关键产品漏洞挖掘挑战赛一等奖
2024 年 0x300 “矩阵杯”国产软硬件安全检测赛一等奖
VUL LIST:
HUAWEI
DrayTek:
QNAP
CISCO
CVE-2021-1207, CVE-2021-1209, CVE-2021-1164, and CVE-2021-1307
CVE-2021-1293,CVE-2021-1295
CVE-2021-1609,CVE-2021-1610
D-Link
ZYXEL
XIAOMI
Synology
2021 致谢链接
Linux Kernel
CVE-2021-4001
Netgear
CVE-2021-45527| PSV-2020-0437
[PSV-2020-0591]
CVE-2023-36187| PSV-2020-0578
ASUS
CVE-2023-35086、CVE-2023-35087、CVE-2023-39238、CVE-2023-39239、CVE-2023-39240 (In particular, these fmt vulnerabilities of ASUS need to be authorized.)
CVE-2024-3079、CVE-2024-3080
Other
CVE-2021-33630、CVE-2021-33631、CVE-2021-29629、CVE-2020-15137、CVE-2020-24074、CVE-2020-15173、CVE-2020-28194、CVE-2020-36109、CVE-2023-24805、CVE-2022-43294、
CNNVD-2024-10495551、CNVD-2020-13185、CNVD-2020-56102、CNVD-2020-56101、CNVD-2020-56100、CNVD-2020-56099、(OPPO 2021 IoT 众测数个漏洞)