Danis Jiang

@danis_jiang

2,273
Followers
1,063
Following
20
Media
139
Statuses

Yuhao Jiang / former ctfer @ Vidar-Team / Security Researcher @ Ant Group Light-Year Security Lab / GeekPwn 2022 / Pwnie Awards 2023 / Tianfu Cup 2023

Joined August 2022
Pinned Tweet
@danis_jiang
Danis Jiang
5 months
Over the past month or so, I have shared "URB Excalibur: The New VMware All-Platform VM Escapes" with @0x140ce at two conferences. Now both slides are already public (basically same), CanSecWest 2024: BlackHat Asia 2024:
0
29
80
@danis_jiang
Danis Jiang
2 years
Here is my demo of the VM escape exploit on the latest version of VMware Fusion along with ESXi and Workstation. It was used to participate in GeekPwn 2022 and won the championship.
25
299
2K
@danis_jiang
Danis Jiang
2 years
This is the VMware Workstation VM escape exploit I recorded earlier by the same vulnerability😀
8
103
529
@danis_jiang
Danis Jiang
11 months
Escape from VMware ESXi’s vm with my teammates @0x140ce and @ezrak1e , such an unforgettable moment🎉🎉🎉
15
22
329
@danis_jiang
Danis Jiang
5 months
Today my colleague @0x140ce and I shared the VMware VM escape we used at GeekPwn 2022, very cool🖖 I think the slides will be public soon.
@darkfloyd1014
Mr. Anthony 安東尼
5 months
Second episode on VM Escape. Thank you so much.
0
0
23
3
23
109
@danis_jiang
Danis Jiang
1 year
My talk was rejected by blackhat😢. I don’t know the reason for rejection, is it because virtual machine escape is no longer popular?
14
1
87
@danis_jiang
Danis Jiang
1 year
I’m so surprised and honored to win 🏆 @PwnieAwards for Best Privilege Escalation for my VMware VM escapes research last year🥳🥳. We have submitted our research to BlackHat EU and hope we can share with you on it.
@PwnieAwards
Pwnie Awards
1 year
Thanks so much for another excellent year of Pwns! If you missed the show check out the winners here:
1
17
42
3
5
74
@danis_jiang
Danis Jiang
11 months
Introducing my new workstation, 7950x with 128GB memory and 8TB M.2 SSD + 4TB HDD🤑
10
0
65
@danis_jiang
Danis Jiang
5 months
So many audiences! BlackHat Asia #BlackHat
6
0
60
@danis_jiang
Danis Jiang
2 years
VMware has published a security advisory on the vulnerability I used to participate in GeekPwn 2022 with Xinlei Ying. Very fast🙂 #VMware #GeekPwn
3
3
51
@danis_jiang
Danis Jiang
1 year
Our team is hiring research interns; interested students are welcome to send in their résumés😉
3
1
38
@danis_jiang
Danis Jiang
1 year
Cool!
@dcuthbert
Daniel Cuthbert
1 year
Winner is
0
1
8
6
1
35
@danis_jiang
Danis Jiang
6 months
So excited to be here! #CanSecWest #Pwn2Own
1
0
36
@danis_jiang
Danis Jiang
8 months
Thank you CanSecWest, looking forward to it!😉
@dragosr
dragosr
8 months
CanSecWest 2024 Presentation: URB Excalibur: The New VMware All-Platform VM/Hypervisor Escapes - Yuhao Jiang, Ant Group
1
4
18
4
1
32
@danis_jiang
Danis Jiang
6 months
Just arrived in Vancouver, very torturous… Can’t wait to attend CanSecWest now
6
0
32
@danis_jiang
Danis Jiang
11 months
0x140ce — My Mentor — Master of Pwn
@0x140ce
0x140ce
11 months
Successfully bypassing the ArrayBuffer isolation in Adobe Reader and completing the fullchain with @ezrak1e , I will have the opportunity to share with how to perform heap layout under ArrayBuffer isolation and how my vul can reuse the ArrayBuffer as an arbitrary R/W primitive.
1
25
154
0
0
31
@danis_jiang
Danis Jiang
2 years
2
0
28
@danis_jiang
Danis Jiang
3 months
@G2NiKo Right choice
0
0
25
@danis_jiang
Danis Jiang
11 months
Finally got time to replace the air filter and wash my car😌
3
0
24
@danis_jiang
Danis Jiang
2 years
Upgrade my PC to 64GB RAM and 4TB PCIe 4.0 x4 SSDs😎
4
1
17
@danis_jiang
Danis Jiang
2 years
Correction: it also impacts ESXi, but does not have the capability to bypass the sandbox yet.
1
0
17
@danis_jiang
Danis Jiang
1 year
Fourth time to participate in organizing D^3CTF, but the first time to create a challenge. Very happy that someone thinks RealESXi is the best challenge this year.
2
0
14
@danis_jiang
Danis Jiang
1 year
Longjing Midnight
0
0
8
@danis_jiang
Danis Jiang
1 year
End my 6-day vacation😌
1
0
6
@danis_jiang
Danis Jiang
2 years
@0xhatim @c3rb3ru5d3d53c Do you mean Parallels Desktop? It definitely doesn't work, because they are different software. But they should have the same attack vector.
0
0
6
@danis_jiang
Danis Jiang
2 years
@0xhatim @c3rb3ru5d3d53c VMware ESXi, Workstation and Fusion have nearly the same code, so all three of them contain this vulnerability.
1
0
5
@danis_jiang
Danis Jiang
2 years
@0x49736b No need.
0
0
4
@danis_jiang
Danis Jiang
5 months
@vv474172261 @BlackHatEvents @XiaoWei___ Impressive work. Didn’t know there will be a mouse device under the virtual hub before🤯🤯
1
0
4
@danis_jiang
Danis Jiang
1 year
@x2021x01 But thanks to @dcuthbert , he gave me some detailed evaluations🙂
0
0
4
@danis_jiang
Danis Jiang
2 years
30s win🫡
0
0
4
@danis_jiang
Danis Jiang
11 months
@ezrak1e @0x140ce master of pwn👍
1
0
3
@danis_jiang
Danis Jiang
1 year
@x2021x01 Actually they send this same email to all rejected talks.
1
0
2
@danis_jiang
Danis Jiang
1 year
@Vegetable_Lee What happened? Tell me about it
0
0
3
@danis_jiang
Danis Jiang
7 months
@dcuthbert Many thanks🙂, I will try my best to present a good talk.
0
0
3
@danis_jiang
Danis Jiang
1 year
Thanks to Moesang and e99p1ant for helping me build the ESXi container environment, through cluster->docker->qemu->esxi, so it can be dynamically created and destroyed.
0
0
2
@danis_jiang
Danis Jiang
1 year
@PwnieAwards Much thanks for nominating my VMware VM escape, but there was a mistake that we demonstrated VMware Fusion escape on @GeekPwn 2022 not pwn2own. I emailed ian 10 days ago but you seem to have missed it😢
2
0
2
@danis_jiang
Danis Jiang
2 years
@403interdit Not released yet.
0
0
2
@danis_jiang
Danis Jiang
2 years
DEADBEEF
0
0
2
@danis_jiang
Danis Jiang
11 months
@T3jv1l For work🤪, like run more virtual machines
0
0
2
@danis_jiang
Danis Jiang
5 months
@Kevin2600 @0x140ce need black hair for some special reason😅
0
0
1
@danis_jiang
Danis Jiang
1 year
And because I don’t have twitter blue I can’t DM you on twitter (・_・;
0
0
0
@danis_jiang
Danis Jiang
2 years
@enginestart2 It does not support
1
0
1
@danis_jiang
Danis Jiang
2 years
@NikitaTarakanov I will, but maybe next year.
0
0
1
@danis_jiang
Danis Jiang
1 year
0
0
1
@danis_jiang
Danis Jiang
6 months
@bbbig12 Awesome!
0
0
1
@danis_jiang
Danis Jiang
11 months
@SEEMsec Indeed, haha
0
0
1
@danis_jiang
Danis Jiang
6 months
@Vegetable_Lee Then relax for a bit first, best wishes
0
0
1
@danis_jiang
Danis Jiang
11 months
@TuringAlex Actually it is a company asset😆, I configured it
0
0
0
@danis_jiang
Danis Jiang
5 months
@darkfloyd1014 Thank you too!
0
0
1
@danis_jiang
Danis Jiang
2 years
🤣🤣🤣
@CSunfortunate
Unfortunate Counter-Strike Moments
2 years
42
280
5K
0
0
1
@danis_jiang
Danis Jiang
5 months
@dcuthbert Yeah, GTR can easily upgrade to more power
1
0
1
@danis_jiang
Danis Jiang
6 months
@sahuang97 I'll go on the weekend👌 I want to go to the shooting range, but it seems you need 2 people to get in🤣
1
0
1
@danis_jiang
Danis Jiang
2 years
0
0
1
@danis_jiang
Danis Jiang
2 years
1
0
1
@danis_jiang
Danis Jiang
11 months
@asad0x01 Yeah, same😘
0
0
1
@danis_jiang
Danis Jiang
6 months
@vv474172261 The appeal succeeded in the end, just barely
2
0
1
@danis_jiang
Danis Jiang
2 years
0
0
1
@danis_jiang
Danis Jiang
10 months
@k1nge3 I often did this in college too, I miss those days
0
0
1
@danis_jiang
Danis Jiang
5 months
@Kevin2600 @0x140ce Because a formal video😂
0
0
1
@danis_jiang
Danis Jiang
3 months
@Pwnrin You are the King
0
0
1