Confirmed! Chris Anastasio (@mufinnnnnnn) & Fabius Watson (@FabiusArtrel) of Team Cluck used two bugs (incl a CLRF injenction) in a beautiful chain to exploit the QNAP TS-464 NAS. The second round win earns them $20,000 and 4 Master of Pwn points. #Pwn2Own #P2OIreland

In out fist video highlight of Day Two, we see Ken Gannon (@Yogehi) bring 5 bugs and a tone of emotion to bear against the #Samsung Galaxy. #Pwn2Own @P2OIreland https://youtube.com/shorts/eM9dOhHH2AA?feature=share

Boom! It took no time at all for the Viettel Cyber Security (@vcslab) team to exploit the HP Color LaserJet Pro MFP 3301fdw printer. They head of to the disclosure room to provide all the details. #Pwn2Own #P2OIreland

#NoContext @hack_lu #hacklu2024

Nice! Chris Anastasio (@mufinnnnnnn) & Fabius Watson (@FabiusArtrel) of Team Cluck successfully exploited the QNAP TS-464 NAS. They're off to the disclosure room to explain how they did it. #Pwn2Own #P2OIreland

Sweet! The InfoSect (@infosectcbr) team successfully exploited the Sonos Era 300 speaker. They head of to the disclosure room to divulge how they did it. #Pwn2Own #P2OIreland

We have another bug collision. The Tenable Group used a stack-based buffer overflow to exploit the Lorex 2K camera, but the bug had already been used in the contest. They still earn $3,750 and 1.5 Master of Pwn points. #Pwn2Own #P2OIreland

#programming #names Aargh

Throw the programmers in the sea

Authenticated! dungdm (@_piers2) with Viettel Cyber Security (@vcslab) used a single Use-After-Free (UAF) bug to exploit the #Sonos Era 300. The second-round win earns him $30,000 and 6 Master of Pwn points. #Pwn2Own #P2OIreland

The Synacktiv Team (@Synacktiv) used a combination of 3 different bug to exploit the Ubiquiti AI Bullet. All bugs were unique, so there second round win nets them $15,000 and 3 Master of Pwn points. #Pwn2Own #P2OIreland

Wow! Ryan Emmons (@the_emmons) and Stephen Fewer (@stephenfewer) of Rapid7 had to rewrite their exploit on the clock, but their second attempt against the Synology DiskStation DS1823xs+ succeeded! They head off to the disclosure room to provide the details. #Pwn2Own #P2OIreland

Confirmed! @dungnm, @dungdm, & @tunglth of @vcslab used a heap-based buffer overflow to exploit the Synology TC500. IN doing so, they earn $30,000 and 3 Master of Pwn points. #Pwn2Own #P2OIreland

Whew! On their second attempt, the team from STEALIEN Inc. was able to exploit the Ubiquiti AI Bullet camera. They're off to the disclosure room to explain how they did it. #Pwn2Own #P2OIreland