https://ngothienan.github.io/posts/ Recent content in Posts on ancorn_ | Ngô Thiên An https://pbs.twimg.com/profile_images/1634910718846963717/RJTIDn4s_400x400.jpg https://pbs.twimg.com/profile_images/1634910718846963717/RJTIDn4s_400x400.jpg Hugo -- 0.156.0 en Thu, 05 Mar 2026 00:24:25 +0700 https://ngothienan.github.io/posts/ai-driven-code-analysis---the-future-of-whitebox-security-testing/ Thu, 05 Mar 2026 00:24:25 +0700 https://ngothienan.github.io/posts/ai-driven-code-analysis---the-future-of-whitebox-security-testing/ <h2 id="icymi-in-case-you-missed-it">ICYMI (In Case You Missed It)</h2> <p>Let&rsquo;s be real—whitebox pentesting involves <em>a lot</em> of tedious, repetitive steps. From reading and wrapping your head around the context, digging through the logic, hunting for bugs, exploiting them, to the absolute drag of writing reports&hellip; it&rsquo;s a grind. But guess what? AI can now totally carry us through almost all of these phases! In this post, I&rsquo;m going to flex <strong>Antigravity</strong> along with its full arsenal of skills and rules to pull off a buttery smooth whitebox pentest.</p> https://ngothienan.github.io/posts/poc--cve-2024-24842---unauthenticated-php-object-injection-in-plugin-knowledge-base/ Mon, 19 Feb 2024 21:24:25 +0700 https://ngothienan.github.io/posts/poc--cve-2024-24842---unauthenticated-php-object-injection-in-plugin-knowledge-base/ <p><a href="https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/echo-knowledge-base/knowledge-base-for-documentation-faqs-with-ai-assistance-11302-unauthenticated-php-object-injection-in-is-article-recently-viewed">Knowledge Base for Documentation, FAQs with AI Assistance plugin - Unauthenticated PHP Object Injection</a></p> <h2 id="-table-of-content">✋ Table of content</h2> <ol> <li>About Knowledge Base for Documentation, FAQs with AI Assistance plugin</li> <li>The security vulnerability</li> <li>The patch</li> <li>Conclusion</li> </ol> <p>This blog post is about the <strong>Knowledge Base for Documentation, FAQs with AI Assistance</strong> plugin vulnerability. If you&rsquo;re using this plugin, please update the plugin to at least version <strong>11.31.0</strong>.</p> <h2 id="about-knowledge-base-for-documentation-faqs-with-ai-assistance-plugin">About Knowledge Base for Documentation, FAQs with AI Assistance plugin</h2> <p>The plugin <strong>Knowledge Base for Documentation, FAQs with AI Assistance</strong> (versions 11.30.2 and below), which is estimated to have over 10,000 active installations.</p> https://ngothienan.github.io/posts/poc-cve-2020-7769---command-injection-in-nodemailer/ Sun, 03 Sep 2023 21:24:25 +0700 https://ngothienan.github.io/posts/poc-cve-2020-7769---command-injection-in-nodemailer/ <h2 id="introduction">Introduction</h2> <p><a href="https://security.snyk.io/vuln/SNYK-JS-NODEMAILER-1038834">Command Injection in nodemailer</a></p> <p>Someday, i read some product code and found out that application using nodemailer to send email. After spending some second to audit <strong>package-lock</strong> file, i saw it had this CVE.</p> <p>But i read that details and their POC, i still not understand what they want to deliver.</p> <p>Found their commit to fix their bug and already know where the bug from <a href="https://github.com/nodemailer/nodemailer/commit/ba31c64c910d884579875c52d57ac45acc47aa54">https://github.com/nodemailer/nodemailer/commit/ba31c64c910d884579875c52d57ac45acc47aa54</a></p> <p>It comes from <strong>send</strong> function, with arbitrary command flag injection in <strong>sendmail</strong> transport. <img loading="lazy" src="https://ngothienan.github.io/CVE-2020-7769/1.png"></p>