Nguyen The Duc

@ducnt_

Just another web warrior | Security Researcher | Sr. Security Engineer | CTF player @meepwnteam && @pwnphofun | Bug bounty hunter http://hackerone.com/ducnt_

Hồ Chí Minh, Việt Nam

ducnt.net

17 billeder og videoer Billeder og videoer

Tweets

Tweets, aktuel side.
Tweets & svar
Medier

Du blokerede @ducnt_

Er du sikker på, at du vil vise disse Tweets? At vise Tweets vil ikke fjerne blokering af @ducnt_

Fastgjort tweet
Nguyen The Duc‏ @ducnt_ 31. mar.
I really happy to share an article that bypass Akamai web application firewall and exploit a SQL Injection vulnerability. Hope this article will help someone in the same situation :). #bugbountytips #bypass #bounty https://hackemall.live/index.php/2020/03/31/akamai-web-application-firewall-bypass-journey-exploiting-google-bigquery-sql-injection-vulnerability/ …

8 svar 60 retweets 154 likes

Vis denne tråd

Vis denne tråd
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
The Best Linux Blog In the Unixverse‏ @nixcraft 28. maj
LOL.pic.twitter.com/CGhjk7oVeB

52 svar 1.734 retweets 5.405 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Chromium Disclosed Security Bugs‏ @BugsChromium 27. maj
Cross origin access with exception object + full exploit (reward: $25633) https://crbug.com/453937

67 retweets 240 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Abdullah Hussam‏ @Abdulahhusam 25. maj
Last month, I found a DOM XSS that led to RCE in @moodle. Here is the write-up: https://cube01.io/blog/Moodle-DOM-Stored-XSS-to-RCE.html … Most of the credit goes to @SecurityMBpic.twitter.com/LKboLLVs0C

14 svar 239 retweets 639 likes

Vis denne tråd

Vis denne tråd
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
PortSwigger Research‏ @PortSwiggerRes 26. maj
An impossible lab has been solved! Congratulations to @wcbowling who solved the attribute context arbitrary code lab. With the following solution: ?a=`+alert(document.domain);//&x=%22oncut=%22eval(%27`%27%2bURL)' the length limit has now been reduced to 20.

3 svar 83 retweets 391 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Nicolas Krassas‏ @Dinosn 25. maj
Abusing Microsoft Outlook 365 to Capture NTLMhttps://www.hackingarticles.in/abusing-microsoft-outlook-365-to-capture-ntlm/ …

3 svar 158 retweets 322 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Andrey Abakumov‏ @andrewaeva 25. maj
SSRF + CRLF + HTTP Pipeline + Docker API = RCE… How dangerous is Request Splitting, a vulnerability in Golang or how we found the RCE in Portainer and hacked Uberhttps://link.medium.com/dSWQ6ewPL6

4 svar 355 retweets 839 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Masato Kinugawa‏ @kinugawamasato 22. maj
Thanks Safari :D XSS via hash is back!! https://twitter.com/PortSwiggerRes/status/1263853351172804612 …pic.twitter.com/GqsRsrXJkr

1 svar 40 retweets 117 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
System32Comics‏ @System32Comics 22. maj
WinRAR <3pic.twitter.com/PrzePuX6Dm

84 svar 2.172 retweets 9.773 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
謎の男‏ @secret_return 22. maj
CVE-2020-9484 Tomcat RCE漏洞分析 https://mp.weixin.qq.com/s/OGdHSwqydiDqe-BUkheTGg …

1 retweet 9 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Ezequiel Pereira‏ @epereiralopez 21. maj
Here is a write-up of a very interesting RCE bug I found on Google Cloud Deployment Manager for the @GoogleVRP: https://www.ezequiel.tech/2020/05/rce-in-cloud-dm.html …

12 svar 297 retweets 731 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Weird History‏ @TheWeirdHistory 20. maj
Aerial ‘smoke screen’ used to protect ships in battle in the 20th century.pic.twitter.com/6ZlpL57iH8

122 svar 4.418 retweets 19.723 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Robin Verton‏ @RobinVerton 15. maj
I blogged about some interesting behavior which lead to an internal auth bypass. Smuggling HTTP headers through reverse proxies: https://telekomsecurity.github.io/2020/05/smuggling-http-headers-through-reverse-proxies.html …

3 svar 72 retweets 171 likes

Vis denne tråd

Vis denne tråd
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Orange Tsai ‏ @orange_8361 19. maj
Orange Tsai har retweetet Juliano Rizzo

Increasing disk and memory size make Integer Overflow great againhttps://twitter.com/julianor/status/1262806932198432768 …

Orange Tsai tilføjet,

Juliano Rizzo @julianor

The end is near. 2020 does not forgive. "15 years later: Remote Code Execution in qmail (CVE-2005-1513)" https://www.qualys.com/2020/05/19/cve-2005-1513/remote-code-execution-qmail.txt …

15 retweets 90 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Stefan Judis‏ @stefanjudis 5. feb.
Text fragments will soon be available in Chromium land. You can then use `#:~:text=` to highlight certain text. Chrome status: https://chromestatus.com/feature/4733392803332096 … Spec: https://wicg.github.io/ScrollToTextFragment/ … #devsheets Video alt: Usage of text fragments to highlight text on wikipediapic.twitter.com/W5tUYZk8NY

10 svar 179 retweets 441 likes

Vis denne tråd

Vis denne tråd
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
HΔKLUKΞ‏ @hakluke 16. maj
Google open sourced their fuzzing dictionaries! https://github.com/google/fuzzing/tree/master/dictionaries …

12 svar 762 retweets 1.978 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
stypr‏ @stereotype32 18. maj
DEFCON web solution (except grad school)https://gist.github.com/stypr/369141278c186b9cffbeec68fe1b5d2e …

4 svar 24 retweets 59 likes

Vis denne tråd

Vis denne tråd
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Adam Langley‏ @adamtlangley 16. maj
I made a tool to generate Sec/Dictionary files for content discovery by scrapping GitHub for File/Folder Names and GET/POST & HTTP from PHP files. So far its examined 5,256,950 files from 39069 repositories, check the results https://github.com/adamtlangley/gitscraper … #BugBounty #bugbountytips

9 svar 223 retweets 570 likes

Vis denne tråd

Vis denne tråd
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Marcin Noga‏ @_Icewall 12. maj
One more to the pocket : CVE-2020-0901 - TALOS-2020-1015 Microsoft Office Excel s_Schema Code Execution Vulnerability https://talosintelligence.com/vulnerability_reports/TALOS-2020-1015 …

27 retweets 62 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc retweetede
Oscaron ‏ @oscaron 12. maj
pic.twitter.com/SZjS3wYZoM

9 svar 176 retweets 668 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd
Nguyen The Duc‏ @ducnt_ 12. maj
I and my teammate really happy to share our latest research / doing bug bounty about WAF exploit / bypass. This is a popular WAF application from a vendor in Vietnam, hope you like it . #bugbountytip #bypass #waf #pentest https://hackemall.live/index.php/2020/05/12/web-application-firewall-exploit-if-you-cannot-protect-yourself-who-can-you-protect/ …pic.twitter.com/sUjnHgjme9

xchym

1 retweet 10 likes
Tak. Twitter bruger dette til at forbedre din tidslinje. Fortryd

Fortryd

Indlæsning ser ud til at tage noget tid.

Twitter kan være overbelastet eller have en midlertidig forstyrrelse. Prøv igen, eller se flere oplysninger på Twitter Status.

Land	Kode	For kunder af
USA	40404	(nogen)
Canada	21212	(nogen)
Storbritannien	86444	Vodafone, Orange, 3, O2
Brasilien	40404	Nextel, TIM
Haiti	40404	Digicel, Voila
Irland	51210	Vodafone, O2
Indien	53000	Bharti Airtel, Videocon, Reliance
Indonesien	89887	AXIS, 3, Telkomsel, Indosat, XL Axiata
Italien	4880804	Wind
Italien	3424486444	Vodafone
» Se sms-tjenestenumre for andre lande

Nguyen The Duc

@ducnt_

Tweets

Du blokerede @ducnt_

Indlæsning ser ud til at tage noget tid.

Du vil måske også kunne lide

false

Gemte søgninger

Nguyen The Duc

@ducnt_

Tweets

Du blokerede @ducnt_

Nguyen The Duc fulgte

Indlæsning ser ud til at tage noget tid.

Ny på Twitter?

Du vil måske også kunne lide

false

Vælg en trend-lokalitet

Gå til en persons profil

Gemte søgninger

Promover dette Tweet

Bloker

Tweet med en lokalitet

Dine lister

Opret en ny liste

Kopier link til tweet

Indlejring af dette tweet

Embed this Video

Forhåndsvisning

Derfor ser du denne annonce

Log ind på Twitter

Tilmeld dig Twitter

Ikke på Twitter? Tilmeld dig, find de emner du holder af, og bliv opdateret så snart noget sker.

To-vejs (sende og modtage) tjenestenumre:

Bekræftelse

Velkommen hjem!

Fungerer Tweets ikke for dig?

Sig en masse med en smule

Spred budskabet

Deltag i samtalen

Få det seneste at vide

Få mere af det, du elsker

Opdag, hvad der sker.

Gå aldrig glip af et Øjeblik