腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

[ Exploit ] Shadow ROP - 一种在用户空间向内核堆栈提供ROP链的方法，用来帮助内核漏洞利用开发： https://acru3l.github.io/2018/10/20/ropping-through-shady-corners/
[ Pentest ] 破解 GSuite Perimeter 的红队战术： https://www.slideshare.net/MichaelFelch/red-team-tactics-for-cracking-the-gsuite-perimeter
[ Pentest ] Living Off the Land - Windows 渗透测试技巧分享： https://liberty-shell.com/sec/2018/10/20/living-off-the-land/
[ Tools ] SpoolerScanner - 检测 Windows 远程打印机服务是否开启的工具： https://github.com/vletoux/SpoolerScanner
[ Tools ] DarkSpiritz - 针对 UNIX 系统的渗透测试框架： https://github.com/DarkSpiritz/DarkSpiritz
[ Windows ] Userland API 监控与代码注入检测： https://0x00sec.org/t/userland-api-monitoring-and-code-injection-detection/5565

[ Android ] 最新引入的 Android Protected Confirmation 介绍: https://android-developers.googleblog.com/2018/10/android-protected-confirmation.html
[ Mobile ] 介绍如何解锁 Bootloader 并通过 Magisk Root Google Pixel 3 ： https://www.xda-developers.com/google-pixel-3-unlock-bootloader-root-magisk/
[ Mobile ] 从4G基站 Fuzz 你的手机: https://www.youtube.com/watch?v=kPLR33PNkvQ&feature=youtu.be
[ Tools ] Foxtrot C2 - 通过端到端应用程序级加密，安全地在内部外部网络节点之间有效传递 Payload 和命令: http://www.irongeek.com/i.php?page=videos/derbycon8/stable-11-foxtrot-c2-a-journey-of-payload-delivery-dimitry-snezhkov
[ Vulnerability ] Drupal SA-CORE-2018-006 漏洞公告，含多处严重漏洞: https://www.drupal.org/sa-core-2018-006
[ Vulnerability ] Nginx off-by-slash 配置错误漏洞利用技巧: https://twitter.com/x0rz/status/1052899891624710145
[ WirelessSecurity ] 详细介绍蓝牙相关的安全威胁： https://www.smartlockpicking.com/slides/Hardwear_2018_BLE_Security_Essentials.pdf