Ruikai Peng in 0reg.dev · Feb 6, 2025 · 46 min read
Llama's Paradox - Delving deep into Llama.cpp and exploiting Llama.cpp's Heap Maze, from Heap-Overflow to Remote-Code Execution.
https://www.youtube.com/watch?v=aiX32KVTX00
If you are an exploitation enthusiast, this write-up will be a perfect source of entertainment. I spent ~30h on exploiting the heap-overflow to remote-code execution. At the same time, I had already spen...

Ruikai Peng in keepmarching.org · Jan 8, 2025 · 2 min read
Keep Marching: We march for the future, for legacy
In every movement, there is a heartbeat—a rhythm that drives change, inspires courage, and pushes humanity forward. KeepMarching.org is that pulse, a platform born from the belief that the steps we take today can shape the world of tomorrow. At its c...

Ruikai Peng in keepmarching.org · Jan 8, 2025 · 2 min read
Marching
I won't live to see the future that I fight for Maybe no one gets to reach that perfect day If the work is never over Then how do you keep marching anyway? Do you carry your banner as far as you can? Rewriting the world with your imperfect pen? 'Til ...

Ruikai Peng in 0reg.dev · Jul 10, 2024 · 25 min read
Evernote RCE: From PDF.js font-injection to All-platform Electron exposed ipcRenderer with listened BrokerBridge Remote-Code Execution
https://www.youtube.com/watch?v=IfiHw5mVDrk
Just this week, I discovered a critical Javascript Injection -> Remote-Code Execution in the Evernote app. By simply clicking the shared sugar-coated note with embedded font-injection malicious PDF, the a...

Ruikai Peng in 0reg.dev · Jun 12, 2024 · 28 min read
ROPing Routers from scratch: Step-by-step Tenda Ac8v4 Mips 0day Flow-control ROP -> RCE
Recently, my passion for binary-exploitation had been triggered unconsciously after learning new fun stuff on CEs and DLLs; Not sure why but I am always obsessed with assemblies, caller stacks, and glibc heaps and kinds of stuff. Thus I decided to lo...