About

Zhenpeng Lin

Email: zplin@u.northwestern.edu

Twitter Google Scholar CV PGP Key

I am a fourth-year PhD student at Northwestern University. I am fortunate to be advised by Dr. Xinyu Xing. My Research focuses on OS exploitation and defense. I love hacking in the real world. I have done many Linux kernel exploitation and contributed many security fixes to Linux kernel. I used to play CTF a lot with team Nu1L.

News

10/2022 GREBE is accepted to CSAW 2022 Finalists.

08/2022 DirtyCred is accepted to CCS.

07/2022 I report (and exploit) a kernel 0day that could affect millions of Android devices to Google. [demo]

06/2022 Our submission of a new exploitation approach is accepted to Black Hat USA.

05/2022 We (team TUTELARY at NU) pwned lastest Ubuntu system at Pwn2Own. [press]

11/2021 I am the very first to successfully exploit Google’s COS through KCTF VRP.

Publications

DirtyCred: Escalating Privilege in Linux Kernel
Zhenpeng Lin, Yuhang Wu, Xinyu Xing
ACM CCS 2022 [code] [slides] [qualify exam slides]

Cautious! A New Exploitation Method! No Pipe but as Nasty as Dirty Pipe
Zhenpeng Lin, Yuhang Wu, Xinyu Xing
Black Hat USA 2022 [slides]

GREBE: Unveiling Exploitation Potential for Linux Kernel Bugs
Zhenpeng Lin, Yueqi Chen, Yuhang Wu, Dongliang Mu, Chensheng Yu, Xinyu Xing, Kang Li
IEEE S&P 2022 (CSAW 22 Finalist) [code] [slides]

An In-depth Analysis of Duplicated Linux Kernel Bug Reports
Dongliang Mu, Yuhang Wu, Yueqi Chen, Zhenpeng Lin, Chensheng Yu, Xinyu Xing, Gang Wang
NDSS 2022

Your Trash Kernel Bug, My Precious 0-day
Zhenpeng Lin, Yueqi Chen, Xinyu Xing, Kang Li
Black Hat Europe 2021 [slides]

Finding Multiple Bug Effects for More Precise Exploitability Estimation
Zhenpeng Lin, Yueqi Chen
Linux Security Summit North America 2021 [slides]

A General Approach to Bypassing Many Kernel Protections and its Mitigation
Yueqi Chen, Zhenpeng Lin, Xinyu Xing
Black Hat Asia 2021 [slides]

A Systematic Study of Elastic Objects in Kernel Exploitation
Yueqi Chen, Zhenpeng Lin, Xinyu Xing
ACM CCS 2020 [code] [slides] [video]

Bypassing Many Kernel Protections Using Elastic Objects
Yueqi Chen, Zhenpeng Lin
Linux Security Summit Europe 2020 [slides]

Hacking

CVE-2021-3715
CVE-2017-8187
CVE-2017-8188
CVE-2017-8190
CVE-2017-8191
CVE-2017-17223
CVE-2017-17221
CVE-2017-17222

Articles

How AUTOSLAB Changes the Memory Unsafety Game

Honors and Awards

2022, Google, $50337 reward
2022, Pwn2Own Winner
2021, LSS North America, Student Travel Grant Award
2021, 7th at DEF CON 29 CTF Finals, Team Nu1L
2021, Black Hat USA, Student Scholarship
2020, Black Hat USA, Student Scholarship

Community Services

External reviewer

  • IEEE S&P 2023
  • IEEE S&P 2022, USENIX Security 2022, ACM CCS 2022
  • USENIX Security 2021, ACM CCS 2021
  • USENIX Security 2020, ACM CCS 2020