腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News) - 2018/09/01

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

[ Android ] Android OS 中通过 WiFi 广播泄漏敏感数据（CVE-2018-9489）： https://wwws.nightwatchcybersecurity.com/2018/08/29/sensitive-data-exposure-via-wifi-broadcasts-in-android-os-cve-2018-9489/
[ Attack ] NFC 支付: 重复的艺术 & 重放攻击： https://gsec.hitb.org/materials/sg2018/D2%20-%20NFC%20Payments%20-%20The%20Art%20of%20Relay%20&%20Replay%20Attacks%20-%20Salvador%20Mendoza.pdf
[ Attack ] 通过MSXSL进行鱼叉式网络钓鱼： https://reaqta.com/2018/03/spear-phishing-campaign-leveraging-msxsl/
[ Exploit ] 通过自定义URL方案远程进行Mac漏洞利用： https://objective-see.com/blog/blog_0x38.html
[ IoTDevice ] Hack BLE 自行车锁，来自 HITBGSEC ： https://gsec.hitb.org/materials/sg2018/D2%20-%20Hacking%20BLE%20Bicycle%20Locks%20for%20Fun%20and%20(a%20Small)%20Profit%20-%20Vincent%20Tan.pdf
[ Tools ] badKarma - 高级网络信息收集工具包: https://github.com/r3vn/badKarma
[ Tools ] J2EEScan - 用于J2EE安全扫描的Burp Suite插件： https://github.com/ilmila/J2EEScan
[ Tools ] Firework：通过Firework工具，在渗透测试中利用WCX文件收集NetNTLM哈希，并将目标引诱到攻击者控制的环境： https://www.trustwave.com/Resources/SpiderLabs-Blog/Firework--Leveraging-Microsoft-Workspaces-in-a-Penetration-Test/ Github ： https://github.com/SpiderLabs/Firework/
[ Tools ] COMMSEC - 监测WOW64应用程序中的本地执行情况，来自 HITBGSEC ： https://gsec.hitb.org/materials/sg2018/D2%20COMMSEC%20-%20Monitoring%20Native%20Execution%20in%20WoW64%20Applications%20-%20Assaf%20Carlsbad%20&;%20Yarden%20Shafir.pdf
[ Tools ] BIOSUtilities：用于修改和研究BIOS的各种工具 : https://github.com/platomav/BIOSUtilities
[ Tools ] SQLMap v1.2.8 发布 - 自动SQL注入和数据库接管工具： https://www.kitploit.com/2018/08/sqlmap-v128-automatic-sql-injection-and.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+PentestTools+%28PenTest+Tools%29
[ Vulnerability ] iOS Sandbox逃生之路： https://gsec.hitb.org/materials/sg2018/D2%20-%20The%20Road%20to%20iOS%20Sandbox%20Escape%20-%20Rani%20Idan.pdf
[ Vulnerability ] Docker for Windows中.net反序列化导致的特权提升漏洞（CVE-2018-15514）的详细介绍： https://srcincite.io/blog/2018/08/31/you-cant-contain-me-analyzing-and-exploiting-an-elevation-of-privilege-in-docker-for-windows.html
[ Vulnerability ] Android上JSON反序列化内存损坏漏洞分析 : https://versprite.com/blog/application-security/experiments-with-json-io-serialization-mass-assignment-and-general-java-object-wizardry/
[ Vulnerability ] iOS 漏洞解析,来自 HITBGSEC : https://gsec.hitb.org/materials/sg2018/D2%20-%20Decoding%20an%20iOS%20Vulnerability%20-%20Adam%20Donenfeld.pdf
[ Vulnerability ] 如何在任务计划中对一个公开丢弃的 0day 漏洞进行微修补： https://blog.0patch.com/2018/08/how-we-micropatched-publicly-dropped.html
[ Web Security ] 探究 URL 短地址服务中的秘密： https://pen-testing.sans.org/blog/2018/08/30/the-secrets-in-url-shortening-services
[ Windows ] 关于 WriteProcessMemory ，当拥有足够的权限时，可以获得对 EXECUTABLE 页面的写访问权限： https://theevilbit.blogspot.com/2018/08/about-writeprocessmemory.html