Tencent Xuanwu Lab Security News Feed
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Frida scripts for bypassing Android SSL pinning and the SSLCertificateChecker PhoneGap protection: https://github.com/integrity-sa/android/tree/master/frida/hooks/pinning
-
[ Browser ] Safari Technology Preview 61 released: https://webkit.org/blog/8365/release-notes-for-safari-technology-preview-61/
-
[ Browser ] Exploit for a WebKit JavaScriptCore arbitrary code execution vulnerability (CVE-2018-4192): https://www.exploit-db.com/exploits/45048/
-
[ Data Breach ] Passwords and file listings of more than 15,500 Mega accounts leaked: https://twitter.com/i/web/status/1019507461856940032
-
[ Exploit ] Stack overflow exploitation, part 2: building the ROP chain: https://malwaresec.github.io/Building-the-ROP-Chain/
-
[ Industry News ] New draft presented at IETF 102 adds a dedicated HTTP header to defend against CDN forwarding-loop attacks: https://tools.ietf.org/html/draft-cdn-loop-prevention-00
-
[ Industry News ] Blood-testing processor LabCorp disclosed that suspicious activity was detected on its network last weekend, which may affect its medical testing: https://threatpost.com/labcorp-investigates-a-potential-breach-that-could-affect-millions/134116/
-
[ iOS ] Electra for iOS 11.0 - 11.3.1 is now open source: https://github.com/coolstar/electra1131
-
[ MalwareAnalysis ] Unit 42 analysis of malspam distributing Emotet and Trickbot together: https://researchcenter.paloaltonetworks.com/2018/07/unit42-malware-team-malspam-pushing-emotet-trickbot/
-
[ MalwareAnalysis ] Smoke Loader malware analysis report: https://www.cert.pl/en/news/single/dissecting-smoke-loader/
-
[ Others ] PowerShell transcript evasion technique: https://twitter.com/i/web/status/1019586562055659520
-
[ Pentest ] Abusing WMI providers for persistence: https://www.youtube.com/watch?v=mkvGcf63_9k&feature=youtu.be
-
[ Pentest ] Bypassing CSP with DOM-based dangling markup: https://portswigger.net/blog/evading-csp-with-dom-based-dangling-markup
-
[ Popular Software ] PrestaShop < 1.6.1.19 - 'BlowFish ECD' privilege escalation exploit (CVE-2018-13784): https://www.exploit-db.com/exploits/45047/
-
[ Popular Software ] PrestaShop < 1.6.1.19 - 'AES CBC' privilege escalation exploit (CVE-2018-13784): https://www.exploit-db.com/exploits/45046/
-
[ Tools ] RunDotNetDll - a tool that lists all methods of a given .NET assembly and invokes them: https://github.com/enkomio/RunDotNetDll
-
[ Tools ] pyevmasm - a Python library for disassembling and assembling Ethereum Virtual Machine (EVM) code: https://github.com/trailofbits/pyevmasm
-
[ Tools ] Bypassing memory scanner detection with Cobalt Strike and Gargoyle: https://labs.mwrinfosecurity.com/blog/experimenting-bypassing-memory-scanners-with-cobalt-strike-and-gargoyle/
-
[ Tools ] MultiProtocolAspNetCore - a multi-protocol server implemented with ASP.NET Core and Kestrel: https://github.com/davidfowl/MultiProtocolAspNetCore
-
[ Virtualization ] Detecting a malicious hypervisor from within an unprivileged guest, to assess the trustworthiness of the environment and possible threats (paper): http://dfrws.org/sites/default/files/session-files/paper_who_watches_the_watcher_detecting_hypervisor_introspection_from_unprivileged_guests.pdf
-
[ Vulnerability ] Oracle WebLogic SAML authentication bypass vulnerabilities disclosed (CVE-2018-2998/CVE-2018-2933): https://pulsesecurity.co.nz/advisories/WebLogic-SAML-Vulnerabilities
-
[ Windows ] Exploiting a Windows 10 PagedPool single-byte (off-by-one) overflow (WCTF 2018): https://j00ru.vexillium.org/2018/07/exploiting-a-windows-10-pagedpool-off-by-one/
-
[ Linux ] Building Kali with live-build on Debian-based systems: https://www.kali.org/tutorials/build-kali-with-live-build-on-debian-based-systems/
-
[ MalwareAnalysis ] Tutorial for setting up a virtual machine for malware analysis: https://oalabs.openanalysis.net/2018/07/16/oalabs_malware_analysis_virtual_machine/
-
[ MalwareAnalysis ] Trustlook's analysis of a recently discovered malicious Android app, Bangle Android App Packer: https://blog.trustlook.com/2018/07/19/bangle-android-app-packer-unpacking-analysis/
-
[ Pentest ] Webshell that hides its login prompt beneath a fake 404 page: https://twitter.com/nullcookies/status/1019569151503986689?s=21
-
[ Virtualization ] Automating management of Hyper-V virtual machines with PowerShell: https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/powershell-direct