Crusaders of Rust (@cor

Crusaders of Rust

118 posts

Crusaders of Rust

@cor_ctf

A European and American Security Research Group

Joined February 2021

Crusaders of Rust
@cor_ctf
Jul 11, 2025
Here is our 0day for kernelCTF🩸 - 82k bounty - quickest submission ever - all instances pwned😎 syst3mfailure.io/rbtree-family-… Disclaimer: We apologize for abusing the red black tree family. Turning grandparents against grandchildren is only acceptable in the context of pwn😤
Crusaders of Rust
@cor_ctf
Jun 23, 2025
Exploit write-ups for our 🚨latest 0-day🚨and the tragedy that swept the red black tree family dropping soon 👀 Here is a tiktok style video for those of you with no attention span thanks to slop and social media. Turn on the audio!!!
00:00
[CVE-2025-38001] Exploiting All Google kernelCTF Instances And Debian 12 With A 0-Day For $82k: An...
From syst3mfailure.io
40K
Crusaders of Rust
@cor_ctf
Jun 23, 2025
Exploit write-ups for our 🚨latest 0-day🚨and the tragedy that swept the red black tree family dropping soon 👀 Here is a tiktok style video for those of you with no attention span thanks to slop and social media. Turn on the audio!!!
00:00
56K
Crusaders of Rust
@cor_ctf
Jan 25, 2022
We publicly released our exploits for CVE-2022-0185 at github.com/Crusaders-of-R… and a public writeup at willsroot.io/2022/01/cve-20…. Thanks once again to FizzBuzz101, @clubby789 , @ryaagard , @Chronos190 , @ginkoid , and @chop0_ .
Crusaders of Rust
@cor_ctf
Aug 17, 2022
Check out corCTF kernel writeups! FizzBuzz101's challenge shows a novel leakless + data-only technique to pwn Linux with a 6 byte overflow: willsroot.io/2022/08/revivi… D3v17's CoRJail shows a novel technique used on kctf to achieve arb free with poll_list : syst3mfailure.io/corjail
Crusaders of Rust
@cor_ctf
Dec 17, 2022
Introducing the world to our teammate's latest CVE: EntryBleed, a Linux bug that allows low privileged attackers to break KASLR under KPTI/KAISER for Intel based systems. willsroot.io/2022/12/entryb…
40K
Crusaders of Rust
@cor_ctf
May 6, 2025
We are back😎 Say hello to our kernelCTF submission for CVE-2025-37752🩸 Who would have thought you could pwn a kernel with just a 0x0000 written 262636 bytes out of bounds? Read the full writeup at: syst3mfailure.io/two-bytes-of-m… 👀
[CVE-2025-37752] Two Bytes Of Madness: Pwning The Linux Kernel With A 0x0000 Written 262636 Bytes...
From syst3mfailure.io
12K
Crusaders of Rust
@cor_ctf
Aug 4, 2024
Checkout FizzBuzz101's corCTF 2024 challenge writeups! Leaking Flags from Initramfs with Spectre v1: willsroot.io/2024/08/just-a… KVM Escape from a nested L2 guest to the L1 hypervisor: willsroot.io/2024/08/trojan…
27K
Crusaders of Rust
@cor_ctf
May 30, 2025
🚨🚨🚨We just broke everyone’s favorite CTF PoW🚨🚨🚨 Our teammate managed to achieve a 20x SPEEDUP on kctf pow through AVX512 on Zen 5. Full details here: anemato.de/blog/kctf-vdf The Sloth VDF is dead😵 This is why kernelCTF no longer has PoW!
anemato.de
Beating the kCTF PoW with AVX512IFMA for $51k
PoW is gone 🦀🦀
9.3K
Crusaders of Rust
@cor_ctf
Aug 3, 2023
Check out FizzBuzz101's corCTF 2023 writeups! Exploiting the Intel sysret hardware bug + a µarch side-channel for KASLR bypass on modern Linux kernel: willsroot.io/2023/08/sysrup… Pwning ring -2 from ring 0 : willsroot.io/2023/08/smm-di… Cracking an AVX-512 VM : willsroot.io/2023/08/vmquac…
12K
Crusaders of Rust
@cor_ctf
May 11, 2025
New Linux 0-day incoming 😇
00:00
4.1K
Crusaders of Rust
@cor_ctf
Jul 24, 2025
corCTF 2025 is a little over a month away!🚩 This year, we have a prize pool worth over 10k, with 9k in cash prizes! 💵 As for the first teaser, we are introducing CoRPhone! Are you ready to pwn an Android kernel, exfiltrate chat logs, and save a 1 million dollar pigeon?👀
6.5K
Crusaders of Rust
@cor_ctf
May 30, 2025
Oops, we just pwned the kernelCTF mitigation instance with a 0day😳 Our fellow pwner syst3mfailure has picked up pigeon feeding as a hobby to help him cope with the insanity
4K
Crusaders of Rust
@cor_ctf
Aug 6, 2023
Check out the writeup for corCTF's daydream from @pepsipu, an unsolved pwnable that requires you to leaklessly transform a stack OOB into universal RCE on glibc 🤯 pepsipu.com/blog/daydream-…
7.9K
Crusaders of Rust
@cor_ctf
Jun 21, 2023
Congrats to our teammate D3v17 (syst3mfailure.io) for first blooding kernelCTF's experimental mitigation instance with a 1-day exploit🩸
GIF
16K