Log inSign up
chompie
4,877 posts
user avatar
chompie
@chompie1337
hacker, exploit developer/weird machine mechanic head of X-Force Offensive Research (XOR) @IBM
chomp.ie
Joined October 2019
1,154
Following
89K
Followers
RepliesRepliesMediaMedia

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    chompie
    @chompie1337
    May 14
    Claude helped me with this bug too but in a different way... Tried to gaslight me saying it wasn’t ~exploitable in practice~ and I got obsessed with proving it wrong 😩
    user avatar
    TrendAI Zero Day Initiative
    @thezdi
    May 14
    Confirmed! @chompie1337 of IBM X-Force Offensive Research (XOR) used a race condition to escalate privileges on Red Hat Enterprise Linux for Workstations, earning $20,000 and 2 Master of Pwn points. #Pwn2Own #P2OBerlin
    Image
    Image
    Image
    84K
  • user avatar
    chompie
    @chompie1337
    Feb 11, 2022
    dentist: so, are you flossing? me: are you using a unique password for every account?
  • user avatar
    chompie
    @chompie1337
    May 2, 2022
    why when you work in tech everyone expects you to maintain some super complicated home network as a hobby? do u think I wanna be a sysadmin for fun
  • user avatar
    chompie
    @chompie1337
    Nov 14, 2022
    get in loser we’re batching RPCs
  • user avatar
    chompie
    @chompie1337
    Apr 4, 2025
    If you ever think there are no more bugs left to find… this Linux kernel bug was just patched yesterday and existed for 5 YEARS
    pointer arithmetic gone wrong
    508K
  • user avatar
    chompie
    @chompie1337
    Jul 11, 2022
    The C programming language is so unserious. Who fucking thought that "long long" was alright
  • user avatar
    chompie
    @chompie1337
    Oct 6, 2022
    yes of course you can write secure C code, sweetie. you can do anything you set your mind to, mommy believes in you
  • user avatar
    chompie
    @chompie1337
    Oct 30, 2023
    ok trying but I’m running out of spells
    Image
    00:00
    This Post is from a suspended account. Learn more
    367K
  • user avatar
    chompie
    @chompie1337
    Dec 13, 2022
    Demonstrating CVE-2022-37958 RCE Vuln. Reachable via any Windows application protocol that authenticates. Yes, that means RDP, SMB and many more. Please patch this one, it's serious! securityintelligence.com/posts/critical…
    Image
    00:00
  • user avatar
    chompie
    @chompie1337
    Oct 30, 2023
    i hate going to the Releases in a repo and seeing this. this is not a release. this is putting your code in a folder.
    Image
    267K
  • user avatar
    chompie
    @chompie1337
    Apr 13, 2024
    Replying to @Dixie3Flatline
    a girl in front of me asked for one on my flight the other day and the pilot said “ask for one after we land, ever since that girl blew it up on TikTok we never have any 🙄”
    113K
  • user avatar
    chompie
    @chompie1337
    Oct 22, 2022
    Remotely exploiting CVE-2022-34718, TCP/IP RCE bug #EvilEsp for DoS. This is a bug in Ipv6 fragmentation/IpSec, which allows OOB write if an Ipv6 fragment is contained inside an IpSec ESP payload.
    Image
    00:00
  • user avatar
    chompie
    @chompie1337
    Jun 12, 2024
    microsoft: Exploit Code Unporoven me: i literally gave you a compiled PoC and also exploit code m$: No exploit code is available, or an exploit is theoretical. me:
    Image
    00:00
    413K
  • user avatar
    chompie
    @chompie1337
    Mar 8, 2022
    Thrilled to share my new blog post: Put an io_uring on it: Exploiting the Linux kernel. Follow me while I learn a new kernel subsystem + its attack surface, find an 0day, build an exploit, + come up with some new tricks. I go deep and demystify the process graplsecurity.com/post/iou-ring-…
Advertisement
Advertisement