Skip to content

Chi Tran

Security Research | Writeups | My words are my own

  • Home
  • About Me
  • Contact

Category: Security Research

Pwning the Samsung TV

Posted on January 27, 2022January 27, 2022 by Chi Tran

Overview Next, following up on the “failed” Pwn2Own 2021 series, this blog post will be…

Read More

Pwning the Facebook Portal

Posted on January 20, 2022January 20, 2022 by Chi Tran

Overview Back in November, 2021, my friend and I were trying to make an attempt…

Read More

[English] How I faked tons of COVID passes — “Weak Key Cryptography in real world”

Posted on September 29, 2021October 1, 2021 by Chi Tran

I. SUMMARY Hanoi Police Department was using a QR generation system to provide COVID passes…

Read More

[Tiếng Việt] Tôi đã fake hơn 250k giấy đi đường như thế nào — “Weak Key Cryptography in real world”

Posted on September 17, 2021October 1, 2021 by Chi Tran

I. TÓM TẮT Hệ thống cấp giấy đi đường mà Công An Thành Phố Hà…

Read More

[ZDI-21-977] D-Link DAP-2020 webproc Stack-based BOF RCE

Posted on August 21, 2021August 22, 2021 by Chi Tran

I. OVERVIEW Discoverer: Chi Tran & phieulang93 & chung96vn Vendor & Product: D-Link Version: DAP-2020…

Read More

[ZDI-21-203] D-Link DAP-2020 webproc getpage Stack-based BOF RCE

Posted on February 26, 2021August 21, 2021 by Chi Tran

I. OVERVIEW Discoverer: Chi Tran & phieulang93 & chung96vn Vendor & Product: D-Link Version: DAP-2020…

Read More

[CVE-2020-8962] D-LINK DIR-842 Stack-based Buffer-overflow

Posted on February 12, 2020August 30, 2020 by Chi Tran

I. OVERVIEW Discoverer: Chi Tran Vendor & Product: D-Link Version: DIR-842_REVC_RELEASE_NOTES_v3.13B09_HOTFIX CVE Reference: CVE-2020-8962 II….

Read More

PortSwigger – Top 10 web hacking techniques of 2019 – nominations open

Posted on January 27, 2020 by Chi Tran

Author: James Kettle – @albinowax Update: Nominations are now closed – cast your vote here Nominations for…

Read More

[CVE-2020-7237] Remote Code Execution in Cacti RRDTool

Posted on January 25, 2020 by Chi Tran

I. OVERVIEW Discoverer: Chi Tran Vendor & Product: Cacti | Network Monitoring Tool Version: 1.2.8…

Read More

Arbitrary Command Execution in latest OrangeHRM platform

Posted on June 11, 2019November 6, 2019 by Chi Tran

I. OVERVIEW Author Credits: VietSunshine Penetration Testing Team (Hoang Le, Hoang Doan, Phi Le, Huy…

Read More
1 2 Next »

Categories

  • Bug Hunting
  • Cases Study
  • CTF
  • Hack The Box
  • OSCP
  • Penetration Testing Guides
  • Root-me
  • Security Cheat Sheets (@PENTESTMONKEY)
  • Security Research
  • Tools

Archives

  • January 2022
  • December 2021
  • September 2021
  • August 2021
  • February 2021
  • February 2020
  • January 2020
  • June 2019
  • May 2019
  • March 2019
  • February 2019
  • December 2018
© Chi Tran | Security Research
Proudly powered by WordPress | Theme: Bloge by Canyon Themes.