Nguyen The Duc

@ducnt_

Just another web warrior | Security Researcher | Security Engineer | CTF player && | Bug bounty hunter

Hồ Chí Minh, Việt Nam  
ducnt.net
Iscrizione a febbraio 2017
11 foto e video Foto e video

Tweet

Hai bloccato @ducnt_

Vuoi davvero vedere questi Tweet? Procedendo non sbloccherai @ducnt_

  1. Tweet fissato
    8 gen

    My first `double kill` at : Kudos to WordPress security team with very quickly and awesome work 🥰

    1 risposta 15 Mi piace
    Annulla
  2. ha ritwittato
    10 lug 2018

    Neatly bypassing Content Security Policy. Why 'unsafe-inline' is almost always a full-fledged XSS.

    5 risposte 130 Retweet 253 Mi piace
    Mostra questa discussione
    Mostra questa discussione
    Annulla
  3. ha ritwittato
    6 feb

    DOM Clobbering strikes back by

    2 risposte 86 Retweet 209 Mi piace
    Annulla
  4. ha ritwittato
    6 feb

    Thanks to research, new stuff are being released for soon - as for the features, payload minimization, raw cmd command, and auto command encoding within JSON/XML messages are being released after the PR review by

    1 risposta 33 Retweet 110 Mi piace
    Annulla
  5. ha ritwittato
    6 feb

    Nice by

    12 Retweet 58 Mi piace
    Annulla
  6. ha ritwittato
    5 feb

    Checkra1n for Windows first demo!!🔥🔥 Coming Soon!!

    85 risposte 310 Retweet 1.678 Mi piace
    Mostra questa discussione
    Mostra questa discussione
    Annulla
  7. ha ritwittato
    3 feb

    Here's my write-up for ’s CTF challenge!

    5 risposte 27 Retweet 103 Mi piace
    Annulla
  8. ha ritwittato
    3 feb

    CVE-2020-7471: SQLI in Django: django.contrib.postgres.aggregates.StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter. FIX:

    54 Retweet 128 Mi piace
    Annulla
  9. ha ritwittato
    31 gen

    , , and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover.

    9 risposte 203 Retweet 404 Mi piace
    Annulla
  10. ha ritwittato
    31 gen

    Someone dropped a PHP zero-day on GitHub. Talked to the PHP team last night. Bug requires local foothold to exploit, so not usable for remote attacks. Also, this is the second exploit for this "disable_functions bypass" in the last few months.

    5 risposte 122 Retweet 190 Mi piace
    Annulla
  11. ha ritwittato
    28 gen

    .Net being open-source makes tracking these things cool. I just hope GitHub adds code navigation support for .net code soon as well. credit for the bug goes to of course.

    7 Retweet 17 Mi piace
    Annulla
  12. ha ritwittato
    28 gen

    Also for the iPhone 11 Pro Max, iOS 13.3.1 beta3 Jailbreak

    217 risposte 616 Retweet 2.566 Mi piace
    Annulla
  13. ha ritwittato
    24 gen

    Here are my (updated) slides from for my talk "Owning The Cloud Through SSRF & PDF Generators" with Chris Holt from . Big thank you to , , , , , and !

    39 Retweet 136 Mi piace
    Annulla
  14. ha ritwittato
    24 gen

    RDP Vuln CVE-2020-0609 & CVE-2020-0610 RD Gateway PoC (DoS) by Scanner by

    94 Retweet 197 Mi piace
    Annulla
  15. ha ritwittato
    23 gen

    The Bezos forensic report is not very good. The forensic analysis should be done by who at least have the relevant experience. The MP4 file should contain the exploit (if it is CVE-2019-11931). The exploit trigger should be visible with ffmpeg

    13 risposte 190 Retweet 487 Mi piace
    Mostra questa discussione
    Mostra questa discussione
    Annulla
  16. ha ritwittato
    22 gen

    This is a pretty good reminder that any invasive heuristics in the browser - be it XSS filters or privacy protections - often cause more problems than they address:

    3 risposte 38 Retweet 107 Mi piace
    Annulla
  17. ha ritwittato
    21 gen

    Learn how an authenticated RCE vulnerability in < 5.2.4 allows attackers to bypass hardening mechanisms. Read more ->

    21 Retweet 39 Mi piace
    Annulla
  18. ha ritwittato
    18 gen

    Just published a blog post talking about some iOS kernel framebuffer research I’ve been looking at over the last couple weeks. Have a read if you’re interested :)

    4 risposte 131 Retweet 416 Mi piace
    Mostra questa discussione
    Mostra questa discussione
    Annulla
  19. ha ritwittato
    18 gen

    RDP to RCE: When Fragmentation Goes Wrong AKA: What we know about CVE-2020-0609 and CVE-2020-0610.

    4 risposte 293 Retweet 585 Mi piace
    Annulla
  20. ha ritwittato
    16 gen

    "CVE-2020-0601: the ChainOfFools attack explained with PoC"

    5 Retweet 17 Mi piace
    Annulla
  21. ha ritwittato
    15 gen

    CVE-2020-5504 SQLI in phpMyAdmin: A malicious user could inject custom SQL in place of their own username when creating queries to this page fix:

    2 risposte 124 Retweet 251 Mi piace
    Annulla

@ducnt_ non ha ancora twittato.

Il caricamento sembra essere lento.

Twitter potrebbe essere sovraccarico o avere un problema temporaneo. Riprova o visita Twitter Status per ulteriori informazioni.

    Potrebbero piacerti

    ·