Tweets
- Tweets, current page.
- Tweets & replies
- Media
You blocked @ducnt_
Are you sure you want to view these Tweets? Viewing Tweets won't unblock @ducnt_
-
Pinned Tweet
So, here is another gift for you about Imagemagick RCE 0-day that afftceted to GhostScript-9.50
https://github.com/duc-nt/RCE-0-day-for-GhostScript-9.50 …
#RCE#imagemagick#ghostscriptpic.twitter.com/6tIeJL0uv1Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc RetweetedThanks. Twitter will use this to make your timeline better. UndoUndo
-
Nguyen The Duc Retweeted
Read the details about
#CVE-2021-21703 on our Ambionics' blog, a 10 year-old Local Root vulnerability affecting PHP-FPM,#PHP FastCGI's server. PHP-FPM is often used with major HTTPd servers such as#NGINX and#Apache.https://www.ambionics.io/blog/php-fpm-local-root …Thanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc Retweeted
It’s never too late to review path normalizations and break parser logics!https://twitter.com/chybeta/status/1450670242070347782 …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc Retweeted
Infosec confs: Let's listen to this CIO talk about the security lifecycle for an hour. Meanwhile in China:https://twitter.com/gguaiker/status/1449192973627842560 …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc RetweetedThanks. Twitter will use this to make your timeline better. UndoUndo
-
Just got worked exploit PoC for path traversal in Apache HTTP Server 2.4.49 (CVE-2021-41773) with my collab again
@yabeow#bugbountytipspic.twitter.com/oGHtbWwKHT
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc Retweeted
Here's our best explanation from what we can see on how
@Facebook disappeared from the Internet:https://blog.cloudflare.com/october-2021-facebook-outage/ …Thanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc RetweetedThanks. Twitter will use this to make your timeline better. UndoUndo
-
Nguyen The Duc Retweeted
For the hardcore PHP auditing fans... It's not just about the successes this time. It's important to cover the failures too!
#NoSuccessWithoutFailurehttps://twitter.com/sourceincite/status/1443594536501006338 …Thanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc Retweeted
Finally, here is the blog for the prototype pollution research we did. "A tale of making internet pollution free" - Exploiting Client-Side Prototype Pollution in the wild https://pwn.af/research/pp pic.twitter.com/1oB57gbbjs
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc RetweetedThanks. Twitter will use this to make your timeline better. UndoUndo
-
Nguyen The Duc Retweeted
Nuclei < v2.5.2 was vulnerable to RCE. I found that you could achieve RCE by using a malicious .yaml template and exploiting nuclei's headless browser feature, which runs with sandbox disabled. Thanks
@pdnuclei for the quick update and fix. PoC:https://gist.github.com/c3l3si4n/88f750d20110ba603939b7473a8012ba …Thanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc RetweetedThanks. Twitter will use this to make your timeline better. UndoUndo
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Nguyen The Duc Retweeted
I just found iOS 14.8 not just patched two 0 days. It also patched CVE-2021-1740 again silently. https://jhftss.github.io/CVE-2021-1740-Invalid-Patch/ …
Thanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc RetweetedThanks. Twitter will use this to make your timeline better. UndoUndo
-
Nguyen The Duc Retweeted
SpockJs, a new side-channel attack on modern CPUs, successfully bypasses the Site Isolation security feature of
#Chrome and Chromium-based browsers to protect against Spectre-type flaws, allowing attackers to steal data from other sites. https://thehackernews.com/2021/09/new-spookjs-attack-bypasses-google.html …#infosecThanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc Retweeted
Stop and UPDATE your iPhones to iOS 14.8 NOW!!! We
@citizenlab recovered NSO Group's FORCEDENTRY zero-click exploit (CVE-2021-30860) from the phone of a Saudi activist, and shared w/ Apple, who released iOS 14.8 today with a fix.https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/ …Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo -
Nguyen The Duc Retweeted
WTF AWS Security? The year is 2021 and you still don't allow your security researcher to disclose a ridiculous vulnerability they found on their own time, using resources paid with their own money, even after the vendor refused to fix it!
@colmmacc https://twitter.com/0xfatty/status/1437510606135996420 …This Tweet is unavailable.Thanks. Twitter will use this to make your timeline better. UndoUndo
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.