腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2016/09/16

Nicolas Krassas @Dinosn

[ Detect ] How to Hunt: Detecting Persistence & Evasion with the COM https://www.endgame.com/blog/how-hunt-detecting-persistence-evasion-com

" Windows 系统从 COM 的角度检测攻击维持和逃逸技术： https://t.co/6ZhPZ5K3YC"
Binni Shah @binitamshah

[ Exploit ] Modern Vulnerability Exploitation - Shellcoding : https://drive.google.com/file/d/0B7qRLuwvXbWXT1htVUVpdjRZUmc/edit , The Heap Overflow : https://drive.google.com/file/d/0B7qRLuwvXbWXdFFLUmhabldzS00/edit

" 漏洞利用之 Shellcode 开发： https://drive.google.com/file/d/0B7qRLuwvXbWXT1htVUVpdjRZUmc/edit 堆溢出： https://drive.google.com/file/d/0B7qRLuwvXbWXdFFLUmhabldzS00/edit "
DennisF @DennisF

[ iOS ] Researcher Bypasses iOS Passcode Limit With NAND Mirroring https://www.onthewire.io/researcher-bypasses-ios-passcode-limit-with-nand-mirroring/

"通过镜像 iOS NAND 内存破解锁屏密码： https://t.co/gyGfFWkoIF"
Nicolas Krassas @Dinosn

[ Linux ] NetBSD mail.local Privilege Escalation https://packetstormsecurity.com/files/138733/netbsd_mail_local.rb.txt

"NetBSD mail.local 提权漏洞（CVE-2016-6253）： https://t.co/SFLdKlsSgw"
dragosr @dragosr

[ Mitigation ] ROP to LOP https://goo.gl/rjqERk

" 从 ROP 到 LOP（Loop Oriented Programming），Bypass Control-Flow Enforcement： https://t.co/8UhUKmubJM"
NCC Group plc @NCCGroupplc

[ NetworkDevice ] New NCC Group technical advisory: D-Link routers vulnerable to Remote Code Execution https://www.nccgroup.trust/uk/our-research/d-link-routers-vulnerable-to-remote-code-execution-rce/?research=Technical+advisories

" D-link 路由器多个版本存在远程代码执行漏洞（CVE-2016-5681）： https://t.co/9zN3XqXfYA"
Nicolas Krassas @Dinosn

[ Others ] Analysing and repurposing Spartan's CVE-2015-7645 http://contextis.com/resources/blog/analysing-and-repurposing-spartans-cve-2015-7645/

" Spartan Exploit Kit 的 CVE-2015-7645 Flash EXP 的分析和再利用，来自 Context Blog： https://t.co/YlYoGlHjRM"
Mike_Mimoso @Mike_Mimoso

[ Others ] Attack Leverages #Windows Safe Mode: https://threatpost.com/attack-leverages-windows-safe-mode/120622/ via @ threatpost

" 远程攻击 Windows 安全模式（Safe Mode），禁用终端防护特性： https://t.co/QlNj8catOq"
Andrey Karpov @Code_Analysis

[ Others ] NullPointerException in C++ - Cristian Adam https://cristianadam.eu/20160914/nullpointerexception-in-c-plus-plus/ via @ cristianadam (#cpp, #null)

" C++ 的空指针异常以及在不同平台的异常处理： https://t.co/SuB5Xxq8bM "
Binni Shah @binitamshah

[ Pentest ] WiFi Pentesting With a Pineapple NANO, OS X and BetterCap : https://www.evilsocket.net/2016/09/15/WiFi-Pineapple-NANO-OS-X-and-BetterCap-setup/ cc @ evilsocket

" Pineapple NANO, OS X 和 BetterCap 构建的 WiFi 渗透测试环境: https://t.co/7XRNa5PhZm "
TrendLabs @TrendLabs

[ Popular Software ] New post: CVE-2016-6662 Advisory: Recent MySQL Code Execution/Privilege Escalation #0Day Vulnerability http://bit.ly/2cW7ynM @ TrendMicro

" 趋势科技对最近的 MySQL 远程代码执行漏洞（CVE-2016-6662）的分析： https://t.co/nrwwlXR1qz "
Binni Shah @binitamshah

[ Tools ] Keypatch assembler 2.0 for IDA Pro : http://www.keystone-engine.org/keypatch2 ,Tutorial : http://www.keystone-engine.org/keypatch/tutorial/

" IDA Pro 的汇编器插件 Keypatch 发布 2.0 版本: https://t.co/XTDnYM6Gcq 教程︰ https://t.co/d5Svf7AELO"
NCC Group plc @NCCGroupplc

[ Tools ] Blog post: Introducing BLESuite & BLE-Replay: Python Tools for Rapid Assessment of Bluetooth Low Energy Peripherals https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/september/introducing-blesuite-and-ble-replay-python-tools-for-rapid-assessment-of-bluetooth-low-energy-peripherals/

" BLESuite 和 BLE-Replay - NCC Group 开源的蓝牙低功耗设备的测试工具，之前推送过： https://t.co/0b8VaxLnHe "

2016/09/16