<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0">
<channel>
  <title>Whereisk0Shl</title>
  <link>https://whereisk0shl.top/</link>
  <description>Whereisk0Shl</description>

  <item>
    <title>From context_handle to type confusion</title>
    <link>https://whereisk0shl.top/post/From%20context_handle%20to%20type%20confusion/</link>
    <guid>https://whereisk0shl.top/post/From%20context_handle%20to%20type%20confusion/</guid>
    <pubDate>Fri, 26 Jun 2026 10:27:16 +0800</pubDate>
    <description>A Type Confusion Vulnerability Pattern in Windows RPC Servers</description>
  </item>

  <item>
    <title>A trick, the story of CVE-2024-26230</title>
    <link>https://whereisk0shl.top/post/A%20trick,%20the%20story%20of%20CVE-2024-26230/</link>
    <guid>https://whereisk0shl.top/post/A%20trick,%20the%20story%20of%20CVE-2024-26230/</guid>
    <pubDate>Wed, 10 Apr 2024 17:43:24 +0800</pubDate>
    <description>A trick, the story of CVE-2024-26230 Author: k0shl of Cyber Kunlun</description>
  </item>

  <item>
    <title>Isolate me from sandbox - Explore elevation of privilege of CNG Key Isolation</title>
    <link>https://whereisk0shl.top/post/Isolate%20me%20from%20sandbox%20-%20Explore%20elevation%20of%20privilege%20of%20CNG%20Key%20Isolation/</link>
    <guid>https://whereisk0shl.top/post/Isolate%20me%20from%20sandbox%20-%20Explore%20elevation%20of%20privilege%20of%20CNG%20Key%20Isolation/</guid>
    <pubDate>Fri, 01 Sep 2023 19:18:04 +0800</pubDate>
    <description>Isolate me from sandbox - Explore elevation of privilege of CNG Key Isolation Author: k0shl of Cyber Kunlun</description>
  </item>

  <item>
    <title>Break me out of sandbox in old pipe - CVE-2022-22715 Windows Dirty Pipe</title>
    <link>https://whereisk0shl.top/post/Break%20me%20out%20of%20sandbox%20in%20old%20pipe%20-%20CVE-2022-22715%20Windows%20Dirty%20Pipe/</link>
    <guid>https://whereisk0shl.top/post/Break%20me%20out%20of%20sandbox%20in%20old%20pipe%20-%20CVE-2022-22715%20Windows%20Dirty%20Pipe/</guid>
    <pubDate>Thu, 25 Aug 2022 11:09:53 +0800</pubDate>
    <description>Break me out of sandbox in old pipe - CVE-2022-22715 Windows Dirty Pipe Author: k0shl of Cyber Kunlun</description>
  </item>

  <item>
    <title>The Story Of CVE-2021-1648</title>
    <link>https://whereisk0shl.top/post/The_story_of_CVE_2021_1648/</link>
    <guid>https://whereisk0shl.top/post/The_story_of_CVE_2021_1648/</guid>
    <pubDate>Wed, 13 Jan 2021 10:29:43 +0800</pubDate>
    <description>The Story Of CVE-2021-1648</description>
  </item>

  <item>
    <title>StorSvc writeup and introduction about my analysis script</title>
    <link>https://whereisk0shl.top/post/StorSvc_writeup_and_introduction_about_my_analysis_script/</link>
    <guid>https://whereisk0shl.top/post/StorSvc_writeup_and_introduction_about_my_analysis_script/</guid>
    <pubDate>Mon, 27 Jul 2020 14:39:00 +0800</pubDate>
    <description>StorSvc writeup and introduction about my analysis script</description>
  </item>

  <item>
    <title>Segment Heap的简单分析和Windbg Extension</title>
    <link>https://whereisk0shl.top/post/segment_heap_ext/</link>
    <guid>https://whereisk0shl.top/post/segment_heap_ext/</guid>
    <pubDate>Fri, 10 Jul 2020 09:56:03 +0800</pubDate>
    <description>Author: k0shl of 360 Vulcan Team</description>
  </item>

  <item>
    <title>VSFTPD v2.3.4 后门分析</title>
    <link>https://whereisk0shl.top/post/VSFTPD%20v2.3.4后门分析/</link>
    <guid>https://whereisk0shl.top/post/VSFTPD%20v2.3.4后门分析/</guid>
    <pubDate>Mon, 10 Feb 2020 21:24:37 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：http://whereisk0shl.top</description>
  </item>

  <item>
    <title>ProFTPD 1.3.3c 后门分析</title>
    <link>https://whereisk0shl.top/post/Proftpd-1.3.3c后门分析/</link>
    <guid>https://whereisk0shl.top/post/Proftpd-1.3.3c后门分析/</guid>
    <pubDate>Mon, 10 Feb 2020 21:24:35 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>LShell &lt;= 0.9.15 远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/LShell%3C=0.9.15远程代码执行漏洞/</link>
    <guid>https://whereisk0shl.top/post/LShell%3C=0.9.15远程代码执行漏洞/</guid>
    <pubDate>Mon, 10 Feb 2020 21:24:34 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：http://whereisk0shl.top</description>
  </item>

  <item>
    <title>JCG 路由命令执行漏洞分析</title>
    <link>https://whereisk0shl.top/post/JCG路由命令执行漏洞分析/</link>
    <guid>https://whereisk0shl.top/post/JCG路由命令执行漏洞分析/</guid>
    <pubDate>Mon, 10 Feb 2020 21:24:34 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top 一年后重温这个漏洞，突然发现这个JCG漏洞时在某云提交的，好怀念那段时光…</description>
  </item>

  <item>
    <title>HTML Help Workshop .SEH 本地代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/HTML%20Help%20Workshop%20.SEH本地代码执行漏洞/</link>
    <guid>https://whereisk0shl.top/post/HTML%20Help%20Workshop%20.SEH本地代码执行漏洞/</guid>
    <pubDate>Mon, 10 Feb 2020 21:24:34 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>[质量局!!]HITB GSEC CTF Win Pwn解题全记录之babystack</title>
    <link>https://whereisk0shl.top/post/hitb_gsec_ctf_babystack_writeup/</link>
    <guid>https://whereisk0shl.top/post/hitb_gsec_ctf_babystack_writeup/</guid>
    <pubDate>Mon, 10 Feb 2020 21:24:34 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处，作者博客：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>A simple story of DsSvc, &quot;Live and Die&quot;</title>
    <link>https://whereisk0shl.top/post/a-simple-story-of-DsSvc/</link>
    <guid>https://whereisk0shl.top/post/a-simple-story-of-DsSvc/</guid>
    <pubDate>Mon, 10 Feb 2020 21:24:29 +0800</pubDate>
    <description>Author: k0shl of 360 Vulcan Team</description>
  </item>

  <item>
    <title>[博客搬家啦!] CVE-2011-3478 Symantec pcAnywhere 远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/[博客搬家啦!]CVE-2011-3478%20Symantec%20pcAnywhere远程代码执行漏洞/</link>
    <guid>https://whereisk0shl.top/post/[博客搬家啦!]CVE-2011-3478%20Symantec%20pcAnywhere远程代码执行漏洞/</guid>
    <pubDate>Mon, 10 Feb 2020 21:22:16 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：http://whereisk0shl.top</description>
  </item>

  <item>
    <title>[CVE-2016-0111] IE SetAttributeStringAndPointer 释放后重用漏洞分析 [MS16-023]</title>
    <link>https://whereisk0shl.top/post/[CVE-2016-0111]IE%20SetAttributeStringAndPointer释放后重用漏洞分析[MS16-023]/</link>
    <guid>https://whereisk0shl.top/post/[CVE-2016-0111]IE%20SetAttributeStringAndPointer释放后重用漏洞分析[MS16-023]/</guid>
    <pubDate>Mon, 10 Feb 2020 21:22:15 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>[CVE-2013-0658] Schneider Electric Accutech 工控服务堆溢出漏洞分析</title>
    <link>https://whereisk0shl.top/post/[CVE-2013-0658]Schneider%20Electirc%20Accutech工控服务堆溢出漏洞分析/</link>
    <guid>https://whereisk0shl.top/post/[CVE-2013-0658]Schneider%20Electirc%20Accutech工控服务堆溢出漏洞分析/</guid>
    <pubDate>Mon, 10 Feb 2020 21:22:15 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>Microsoft Hardlink缓解机制简单分析</title>
    <link>https://whereisk0shl.top/post/2019-06-08/</link>
    <guid>https://whereisk0shl.top/post/2019-06-08/</guid>
    <pubDate>Sat, 08 Jun 2019 00:00:00 +0800</pubDate>
    <description>Author: k0shl of 360 Vulcan Team</description>
  </item>

  <item>
    <title>DfMarshal系列漏洞CVE-2018-8550调试记录</title>
    <link>https://whereisk0shl.top/post/2019-05-11/</link>
    <guid>https://whereisk0shl.top/post/2019-05-11/</guid>
    <pubDate>Sat, 11 May 2019 00:00:00 +0800</pubDate>
    <description>Author: k0shl of 360 Vulcan Team</description>
  </item>

  <item>
    <title>写在98篇漏洞分析之后---2019.03.09</title>
    <link>https://whereisk0shl.top/post/2019-03-09/</link>
    <guid>https://whereisk0shl.top/post/2019-03-09/</guid>
    <pubDate>Sat, 09 Mar 2019 00:00:00 +0800</pubDate>
    <description>作者：k0shl</description>
  </item>

  <item>
    <title>[CVE-2016-5108]VideoLAN VLC Media Player 2.2.1越界写拒绝服务漏洞</title>
    <link>https://whereisk0shl.top/post/2019-03-09-01/</link>
    <guid>https://whereisk0shl.top/post/2019-03-09-01/</guid>
    <pubDate>Sat, 09 Mar 2019 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>Internet Download Accelerator 6.10.1.1527 远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2019-03-02/</link>
    <guid>https://whereisk0shl.top/post/2019-03-02/</guid>
    <pubDate>Sat, 02 Mar 2019 00:00:00 +0800</pubDate>
    <description>作者： k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>ConQuest DICOM Server 1.4.17d 远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2019-02-24/</link>
    <guid>https://whereisk0shl.top/post/2019-02-24/</guid>
    <pubDate>Sun, 24 Feb 2019 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>Serva 3.0.0 HTTP Server整数溢出远程拒绝服务漏洞</title>
    <link>https://whereisk0shl.top/post/2019-02-16/</link>
    <guid>https://whereisk0shl.top/post/2019-02-16/</guid>
    <pubDate>Sat, 16 Feb 2019 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>[破五～]Dual DHCP DNS Server 7.29远程拒绝服务漏洞</title>
    <link>https://whereisk0shl.top/post/2019-02-09/</link>
    <guid>https://whereisk0shl.top/post/2019-02-09/</guid>
    <pubDate>Sat, 09 Feb 2019 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>[拜年啦！]NetCat【nc】 0.7.1 远程拒绝服务漏洞</title>
    <link>https://whereisk0shl.top/post/2019-02-04/</link>
    <guid>https://whereisk0shl.top/post/2019-02-04/</guid>
    <pubDate>Mon, 04 Feb 2019 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>Easy Internet Sharing Proxy Server 2.2整数溢出远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2019-01-26/</link>
    <guid>https://whereisk0shl.top/post/2019-01-26/</guid>
    <pubDate>Sat, 26 Jan 2019 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>WinaXe 7.7 远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2019-01-19/</link>
    <guid>https://whereisk0shl.top/post/2019-01-19/</guid>
    <pubDate>Sat, 19 Jan 2019 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>Axessh 4.2拒绝服务漏洞</title>
    <link>https://whereisk0shl.top/post/2019-01-13/</link>
    <guid>https://whereisk0shl.top/post/2019-01-13/</guid>
    <pubDate>Sun, 13 Jan 2019 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>uSQLite1.0.0远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2019-01-06/</link>
    <guid>https://whereisk0shl.top/post/2019-01-06/</guid>
    <pubDate>Sun, 06 Jan 2019 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>[元旦快乐]GNU GTypist 2.9.5-2本地拒绝服务漏洞</title>
    <link>https://whereisk0shl.top/post/2018-12-31/</link>
    <guid>https://whereisk0shl.top/post/2018-12-31/</guid>
    <pubDate>Mon, 31 Dec 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>Network Scanner 4.0.0本地代码执行漏洞分析</title>
    <link>https://whereisk0shl.top/post/2018-12-22/</link>
    <guid>https://whereisk0shl.top/post/2018-12-22/</guid>
    <pubDate>Sat, 22 Dec 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>[CVE-2013-3299]RealPlayer拒绝服务漏洞</title>
    <link>https://whereisk0shl.top/post/2018-12-15/</link>
    <guid>https://whereisk0shl.top/post/2018-12-15/</guid>
    <pubDate>Sat, 15 Dec 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>LanSpy 2.0.0.155本地代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2018-12-08/</link>
    <guid>https://whereisk0shl.top/post/2018-12-08/</guid>
    <pubDate>Sat, 08 Dec 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>[CVE-2016-2776]BIND 9 ‘buffer.c’拒绝服务漏洞</title>
    <link>https://whereisk0shl.top/post/2018-12-01/</link>
    <guid>https://whereisk0shl.top/post/2018-12-01/</guid>
    <pubDate>Sat, 01 Dec 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>Microsoft Internet Explorer 11.0.9600.18482 - Use After Free</title>
    <link>https://whereisk0shl.top/post/2018-11-24/</link>
    <guid>https://whereisk0shl.top/post/2018-11-24/</guid>
    <pubDate>Sat, 24 Nov 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>WDK 8.1 kill.exe内存破坏漏洞</title>
    <link>https://whereisk0shl.top/post/2018-11-17/</link>
    <guid>https://whereisk0shl.top/post/2018-11-17/</guid>
    <pubDate>Sat, 17 Nov 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>Disk Pulse Enterprise远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2018-10-22/</link>
    <guid>https://whereisk0shl.top/post/2018-10-22/</guid>
    <pubDate>Mon, 22 Oct 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>php 5.0 tidy_parse_file缓冲区溢出漏洞</title>
    <link>https://whereisk0shl.top/post/2018-10-13/</link>
    <guid>https://whereisk0shl.top/post/2018-10-13/</guid>
    <pubDate>Sat, 13 Oct 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>EKG Gadu 本地代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2018-10-06/</link>
    <guid>https://whereisk0shl.top/post/2018-10-06/</guid>
    <pubDate>Sat, 06 Oct 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请说明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>【中秋牛逼暴富】阿里旺旺2010远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2018-09-24/</link>
    <guid>https://whereisk0shl.top/post/2018-09-24/</guid>
    <pubDate>Mon, 24 Sep 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>LamaHub 0.0.62远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2018-09-16/</link>
    <guid>https://whereisk0shl.top/post/2018-09-16/</guid>
    <pubDate>Sun, 16 Sep 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>NScan 0.91 本地代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2018-09-01/</link>
    <guid>https://whereisk0shl.top/post/2018-09-01/</guid>
    <pubDate>Sat, 01 Sep 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>EasyFTP Server 1.7.0.11 APPE远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2018-07-28/</link>
    <guid>https://whereisk0shl.top/post/2018-07-28/</guid>
    <pubDate>Sat, 28 Jul 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>[MS16-063]IE11浏览器释放后重用漏洞</title>
    <link>https://whereisk0shl.top/post/2018-07-20/</link>
    <guid>https://whereisk0shl.top/post/2018-07-20/</guid>
    <pubDate>Fri, 20 Jul 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>Halliburton LogView Pro 9.7.5远程代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2018-07-15/</link>
    <guid>https://whereisk0shl.top/post/2018-07-15/</guid>
    <pubDate>Sun, 15 Jul 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>nrss reader 0.3.9本地代码执行漏洞</title>
    <link>https://whereisk0shl.top/post/2018-07-01/</link>
    <guid>https://whereisk0shl.top/post/2018-07-01/</guid>
    <pubDate>Sun, 01 Jul 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>MediaCoder 0.8.43.5852 - .m3u缓冲区溢出漏洞</title>
    <link>https://whereisk0shl.top/post/2018-06-23/</link>
    <guid>https://whereisk0shl.top/post/2018-06-23/</guid>
    <pubDate>Sat, 23 Jun 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>[端午安康]CoolPlayer+ Portable 2.19.6 - .m3u缓冲区溢出漏洞</title>
    <link>https://whereisk0shl.top/post/2018-06-17/</link>
    <guid>https://whereisk0shl.top/post/2018-06-17/</guid>
    <pubDate>Sun, 17 Jun 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

  <item>
    <title>TFTP Server 1.4远程代码执行漏洞分析</title>
    <link>https://whereisk0shl.top/post/2018-06-03/</link>
    <guid>https://whereisk0shl.top/post/2018-06-03/</guid>
    <pubDate>Sun, 03 Jun 2018 00:00:00 +0800</pubDate>
    <description>作者：k0shl 转载请注明出处：https://whereisk0shl.top</description>
  </item>

</channel>
</rss>
