Nguyen The Duc

@ducnt_

Just another web warrior | Security Researcher | Sr. Security Engineer | CTF player && | Bug bounty hunter

Hồ Chí Minh, Việt Nam  
ducnt.net
Registrerte seg februar 2017
12 bilder og videoer Bilder og videoer

Tweets

Du har blokkert @ducnt_

Er du sikker på at du vil vise disse tweetene? Dette vil ikke oppheve blokkeringen av @@ducnt_.

  1. Festet tweet
    8. jan.

    My first `double kill` at : Kudos to WordPress security team with very quickly and awesome work 🥰

    1 svar 15 liker
    Angre
  2. 27. feb.

    Filed a duplicate with gr8 bug was found by but can reopen it with a triaged issue. Really a excited moment.

    1 svar 1 retweet 9 liker
    Angre
  3. Retweetet
    25. feb.

    New blog post! Here is how you can use MSBuild’s UnregisterAssembly task to execute arbitrary code in a .NET assembly. ⤵️

    1 svar 112 retweets 211 liker
    Angre
  4. Retweetet
    21. feb.

    Just wrote a new article about how I found a Remote Command Execution 0-day (CVE-2020-8813) via static analysis in Cacti v1.2.8 the popular infrastructure graphing solution. I also explained how to exploit it without authentication in some cases.

    13 svar 239 retweets 614 liker
    Angre
  5. Retweetet
    18. feb.

    Slides from my talk on iMessage exploitation: More technical details in the blog post: Great conference again, thanks team! :)

    2 svar 111 retweets 305 liker
    Angre
  6. Retweetet
    18. feb.

    [PoC] CVE-2020-0618 Microsoft SQL Server Reporting Services RCE Vulnerability POST /ReportServer/pages/ReportViewer.aspx HTTP/1.1 Host: target ... ... NavigationCorrector$PageState=NeedsCorrection&NavigationCorrector$ViewState=[PayloadHere]&__VIEWSTATE=

    Dette mediet kan inneholde sensitivt materiale. Finn ut mer
    4 svar 188 retweets 351 liker
    Angre
  7. Retweetet
    18. feb.

    Just published another remote code execution chain I exploited recently. I also wrote about how organizations can stop these attacks at the development stage - the key is convention over configuration.

    17 svar 211 retweets 650 liker
    Angre
  8. Retweetet
    11. feb.

    さんとSpectreやXS-LeaksやCross-Origin-*ヘッダーについて話しました! / ep63 Cross Origin Info Leaks

    1 svar 4 retweets 32 liker
    Vis denne tråden
    Vis denne tråden
    Angre
  9. Retweetet
    17. feb.

    Top 10 new web hacking techniques of 2019

    7 svar 769 retweets 1 517 liker
    Angre
  10. Retweetet
    13. feb.

    I've discovered logic privilege escalation bug on AMD User Experience Program Launcher from Radeon Software -2020-8950

    1 svar 84 retweets 156 liker
    Angre
  11. Retweetet
    11. feb.

    Blind SSRF exploitation En: Ru: What about port scanning using DNS-requests?

    4 svar 165 retweets 421 liker
    Angre
  12. Retweetet
    11. feb.

    A few small proposals for PHP 8 have been accepted: ::class Static return type Variable syntax tweaks

    11 svar 135 retweets 331 liker
    Angre
  13. Retweetet
    10. jul. 2018

    Neatly bypassing Content Security Policy. Why 'unsafe-inline' is almost always a full-fledged XSS.

    5 svar 130 retweets 254 liker
    Vis denne tråden
    Vis denne tråden
    Angre
  14. Retweetet
    6. feb.

    DOM Clobbering strikes back by

    2 svar 90 retweets 214 liker
    Angre
  15. Retweetet
    6. feb.

    Thanks to research, new stuff are being released for soon - as for the features, payload minimization, raw cmd command, and auto command encoding within JSON/XML messages are being released after the PR review by

    1 svar 33 retweets 113 liker
    Angre
  16. Retweetet
    6. feb.

    Nice by

    13 retweets 58 liker
    Angre
  17. Retweetet
    5. feb.

    Checkra1n for Windows first demo!!🔥🔥 Coming Soon!!

    87 svar 306 retweets 1 682 liker
    Vis denne tråden
    Vis denne tråden
    Angre
  18. Retweetet
    3. feb.

    Here's my write-up for ’s CTF challenge!

    5 svar 29 retweets 108 liker
    Angre
  19. Retweetet
    3. feb.

    CVE-2020-7471: SQLI in Django: django.contrib.postgres.aggregates.StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter. FIX:

    57 retweets 132 liker
    Vis denne tråden
    Vis denne tråden
    Angre
  20. Retweetet
    31. jan.

    , , and I are starting a new security blog. In our first write-up, we will discuss the impact of "SameSite by default" and how it affects web app sec. Feel free to request future topics you would like us to cover.

    11 svar 216 retweets 413 liker
    Angre
  21. Retweetet
    31. jan.

    Someone dropped a PHP zero-day on GitHub. Talked to the PHP team last night. Bug requires local foothold to exploit, so not usable for remote attacks. Also, this is the second exploit for this "disable_functions bypass" in the last few months.

    5 svar 122 retweets 190 liker
    Angre

@ducnt_ har ikke Tweetet enda.

Lastingen ser ut til å ta sin tid.

Twitter kan være overbelastet, eller det kan ha oppstått et midlertidig problem. Prøv igjen, eller se Twitters status for mer informasjon.

    Du vil kanskje også like

    ·