Sotwe logo Sotwe logo
DDXhunter's profile banner image
DDXhunter's profile image

rioru (Dany Bach)

@DDXhunter

Penetration tester & security researcher
BE/FR
Joined April 2009
469 Following
1K Followers
634 Posts
DDXhunter  retweeted
Coiffeur0x90's profile image
Coiffeur @Coiffeur0x90
🏴‍☠️ I can finally share a VMware 0day I discovered that led to CVE-2026-41702 (LPE as root). Funny enough, I found the bug in my hotel room after the second day of attending Csaba Fitzl (@theevilbit) & Gergely Kalman (@gergely_kalman) training at Zer0con. https://t.co/mG55Ksc4gE
Coiffeur0x90's tweet photo. 🏴‍☠️ I can finally share a VMware 0day I discovered that led to CVE-2026-41702 (LPE as root). Funny enough, I found the bug in my hotel room after the second day of attending Csaba Fitzl (@theevilbit) & Gergely Kalman (@gergely_kalman) training at Zer0con. https://t.co/mG55Ksc4gE https://t.co/qSjzSKNXDi
10
732
126
292
51K
DDXhunter  retweeted
Defte_'s profile image
Aurélien Chalot @Defte_
Funny tip, if you end up having a root access on a linux server with cortex installed, you can simply systemctl stop traps and disable it which will kill the agent for good. https://t.co/VVQf4bmakZ
1
45
11
28
3K
DDXhunter  retweeted
Nikaiw's profile image
NK @Nikaiw
meet VMkatz, https://t.co/eza4AXRuFT
12
937
245
722
69K
DDXhunter's profile image
rioru (Dany Bach) @DDXhunter
@andremoulu @CellebriteLabs Intéressé. 😀
0
1
0
0
236

Who to follow

cfreal_'s profile image
Charles Fol
@cfreal_
@Synacktiv – previously @ambionics @LexfoSecurite – blogs: https://t.co/cLoNdCGPU7 https://t.co/JVMLjUzTJU https://t.co/t9a5IcOXSU
Synacktiv's profile image
Synacktiv Verified account
@Synacktiv
Offensive security company. Dojo of many ninjas. Red teaming, reverse engineering, vuln research, dev of security tools and incident response.
kaluche_'s profile image
Kaluche Verified account
@kaluche_
Red Team 🎯 at @QuarksLab | Windows & Active Directory 💗 | @BreizhCTF co-founder 🚩
DDXhunter  retweeted
ambionics's profile image
Ambionics Security @ambionics
Iconv, set the charset to RCE: in the first blog post of this series, @cfreal_ will show a new exploitation vector to get RCE in PHP from a file read primitive, using a bug in iconv() (CVE-2024-2961) https://t.co/7GQvKPszrl
3
299
121
97
54K
DDXhunter  retweeted
ambionics's profile image
Ambionics Security @ambionics
Introducing a new tool for #PHP filters attacks, #wrapwrap: an algorithm to add an arbitrary prefix and suffix to a PHP resource, improving the exploitation of file read and #SSRF vulnerabilities. https://t.co/iP3DpFBEmx
0
135
46
45
14K
DDXhunter  retweeted
ambionics's profile image
Ambionics Security @ambionics
We've updated our blogpost about @ownCloud with an #exploit for #CVE-2023-49105 and a video. https://t.co/6fDfMLHYC9
1
24
16
6
9K
DDXhunter  retweeted
cfreal_'s profile image
Charles Fol @cfreal_
The @owncloud CRITICAL vulnerabilities I reported (CVE-2023-49103, CVE-2023-49105) are now patched. Patch your #owncloud. Details when possible. #pwncloud
2
92
20
12
35K
DDXhunter's profile image
rioru (Dany Bach) @DDXhunter
@andremoulu @hexacon_fr @Cellebrite Intéressé !
0
2
0
0
302
DDXhunter's profile image
rioru (Dany Bach) @DDXhunter
@fastfire Hello, that is a PoC for CVE-2022-42475 (you can read so in the readme, also by reading the exploit that is targeting the Content-Length issue from the previous CVE).
1
3
0
1
1K
DDXhunter's profile image
rioru (Dany Bach) @DDXhunter
This was a fun one! The vulnerability has been found and exploited during the timeframe of one of our Red Team engagements and allowed us to compromise our target entirely. Happy patch week! #xortigate
LexfoSecurite's profile image
Lexfo @LexfoSecurite
#Fortinet patched #CVE-2023-27997, a critical vulnerability affecting its VPN #Fortigate. Our latest blogpost describes the technical details about the bug, a pre-auth heap overflow, with a twist. #xortigate https://t.co/LZ1ynVNY7w
2
180
102
21
62K
1
54
10
3
11K
DDXhunter  retweeted
LexfoSecurite's profile image
Lexfo @LexfoSecurite
#Fortinet patched #CVE-2023-27997, a critical vulnerability affecting its VPN #Fortigate. Our latest blogpost describes the technical details about the bug, a pre-auth heap overflow, with a twist. #xortigate https://t.co/LZ1ynVNY7w
2
180
102
21
62K
DDXhunter's profile image
rioru (Dany Bach) @DDXhunter
@abasmayorr @BleepinComputer @LawrenceAbrams Yes, it is a vulnerability in the SSL-VPN component of Fortigate, disabling it should prevent exploitation.
0
0
0
0
108
DDXhunter  retweeted
cfreal_'s profile image
Charles Fol @cfreal_
The IR number is 23-097. Patch your Fortigate. https://t.co/FdzjrnUAGy
1
52
15
7
17K
DDXhunter  retweeted
cfreal_'s profile image
Charles Fol @cfreal_
#Fortinet published a patch for CVE-2023-27997, the Remote Code Execution vulnerability @DDXhunter and I reported. This is reachable pre-authentication, on every SSL VPN appliance. Patch your #Fortigate. Details at a later time. #xortigate
25
691
288
92
371K
DDXhunter  retweeted
LexfoSecurite's profile image
Lexfo @LexfoSecurite
Introducing sshimpanzee, a reverse shell made by @TitouanLazard based on openssh's sshd. It supports DNS, ICMP and HTTP encapsulation as well as SOCKS and HTTP Proxies : https://t.co/PmEIHODLru
0
97
38
19
18K
DDXhunter's profile image
rioru (Dany Bach) @DDXhunter
@ChiseLouve Pareil
0
0
0
0
67
DDXhunter  retweeted
CVEnew's profile image
CVE @CVEnew
CVE-2022-47949 The Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons before 2.0.6 and other products, allows remote attackers to execute arbitrary code via a large UDP packet that causes a buffer overflow, aka ENLBufferPwn. Th... https://t.co/pUb2RpqmwV
1
117
36
13
28K
DDXhunter  retweeted
LexfoSecurite's profile image
Lexfo @LexfoSecurite
Learn how we discovered 5 distinct vulnerabilities on @watchguard #Firebox/#XTM firewalls, and obtained a pre-auth Remote Code Execution as root #0day (CVE-2022-31789, CVE-2022-31790). https://t.co/I2ixfZEAPK
1
76
31
11
0
DDXhunter  retweeted
ptswarm's profile image
PT SWARM @ptswarm
💥 New attack! Our researcher Arseniy Sharoglazov discovered a PHP's Arbitrary Object Instantiation with no user-defined classes. It was turned to RCE! Read the research: https://t.co/PJZHLRM8xq
ptswarm's tweet photo. 💥 New attack! Our researcher Arseniy Sharoglazov discovered a PHP's Arbitrary Object Instantiation with no user-defined classes. It was turned to RCE! Read the research: https://t.co/PJZHLRM8xq https://t.co/7AAPu6b4sL
5
621
246
90
0

Last Seen Users on Sotwe

0000toku0000's profile image
人妻あおい
hentai_10k's profile image
Animexxx
Seen from Malaysia
Nguyentuan1990l's profile image
nguyentuan
Seen from Vietnam
syaifullriau's profile image
x_syaifulriau
cannabaabyyy's profile image
Canna 🍒
Seen from United States
blewah_kampung's profile image
Pasutri Fantasi
Seen from Indonesia
sexlove41444930's profile image
شغال في المدينة
Seen from Bahrain
tsprettyleila's profile image
Pretty Leila 🏳️‍⚧️
Seen from Poland
SRaqy4756's profile image
. ❤
akhmadtoyibi2's profile image
akhmad selowe
Seen from Singapore

Trends for you

1
D-Day
Under 10K tweets
2
Karmelo
Under 10K tweets
3
Normandy
Under 10K tweets
4
Knicks
Under 10K tweets
5
ariana
Under 10K tweets
6
Mormons
Under 10K tweets
7
Melanie
Under 10K tweets
8
#UFCVegas118
Under 10K tweets
9
Good Sunday
Under 10K tweets
10
#bucciovertimechallenge
Under 10K tweets

Most Popular Users

elonmusk's profile image
1
Elon Musk Verified account
@elonmusk
240.2M followers
barackobama's profile image
2
Barack Obama Verified account
@barackobama
119.3M followers
realdonaldtrump's profile image
3
Donald J. Trump Verified account
@realdonaldtrump
111.6M followers
cristiano's profile image
4
Cristiano Ronaldo Verified account
@cristiano
109M followers
narendramodi's profile image
5
Narendra Modi Verified account
@narendramodi
107M followers
rihanna's profile image
6
Rihanna Verified account
@rihanna
97.3M followers
nasa's profile image
7
NASA Verified account
@nasa
92.1M followers
justinbieber's profile image
8
Justin Bieber Verified account
@justinbieber
90.6M followers
katyperry's profile image
9
KATY PERRY Verified account
@katyperry
86.8M followers
taylorswift13's profile image
10
Taylor Swift Verified account
@taylorswift13
80.6M followers
ladygaga's profile image
11
Lady Gaga Verified account
@ladygaga
72.2M followers
kimkardashian's profile image
12
Kim Kardashian Verified account
@kimkardashian
69.4M followers
youtube's profile image
13
YouTube Verified account
@youtube
68.6M followers
imvkohli's profile image
14
Virat Kohli Verified account
@imvkohli
68.6M followers
billgates's profile image
15
Bill Gates Verified account
@billgates
63.4M followers
theellenshow's profile image
16
The Ellen Show
@theellenshow
62.5M followers
cnn's profile image
17
CNN Verified account
@cnn
61.9M followers
neymarjr's profile image
18
Neymar Jr Verified account
@neymarjr
61.1M followers
x's profile image
19
X Verified account
@x
60.9M followers
selenagomez's profile image
20
Selena Gomez Verified account
@selenagomez
59.9M followers