Tencent Xuanwu Lab Security Daily News
-
[ Browser ] Introduction to Intl.ListFormat, a new feature in V8 v7.2 and Chrome 72 : https://twitter.com/i/web/status/1074966915557351424
-
[ Browser ] V8 releases v7.2, with related information: https://v8.dev/blog/v8-release-72
-
[ Exploit ] A ROP guide for beginners : https://bordplate.no/blog/en/post/interactive-rop-tutorial/
-
[ Hardware ] The MIPS instruction set architecture (ISA) will be open-sourced : https://www.eetimes.com/document.asp?doc_id=1334087
-
[ MalwareAnalysis ] Analysis of a new Zebrocy variant developed in Go and used by the Sofacy group: https://unit42.paloaltonetworks.com/sofacy-creates-new-go-variant-of-zebrocy-tool/
-
[ Others ] How to search executable code for vulnerable statically linked library functions, from Project Zero: https://googleprojectzero.blogspot.com/2018/12/searching-statically-linked-vulnerable.html
-
[ Pentest ] Techniques for exploiting information leaks caused by hidden directories and files (such as .git and .svn) under the web root: https://medium.com/@_bl4de/hidden-directories-and-files-as-a-source-of-sensitive-information-about-web-application-84e5c534e5ad
-
[ Popular Software ] Detailed analysis of a heap memory corruption vulnerability in Microsoft Outlook when processing RWZ files (CVE-2018-8587): https://www.fortinet.com/blog/threat-research/a-deep-analysis-of-the-microsoft-outlook-vulnerability-.html
-
[ ReverseEngineering ] Code Check(mate) in SMM : https://www.synacktiv.com/posts/exploit/code-checkmate-in-smm.html
-
[ Tools ] Linux Kernel defence map: https://github.com/a13xp0p0v/linux-kernel-defence-map
-
[ Tools ] WinObjEx64 - a Windows object explorer tool : https://github.com/hfiref0x/WinObjEx64/blob/master/Docs/Callbacks.pdf
-
[ Tools ] retrieve-osxhash.py - a script that extracts the OSX hash so it can be cracked with hashcat : https://github.com/highmeh/pentest_scripts/blob/master/retrieve-osxhash.py
-
[ Vulnerability ] Using an arbitrary file download vulnerability to obtain the Azure key from a configuration file and take full control of the website: https://samcurry.net/reading-asp-secrets-for-17000/
-
[ Vulnerability ] Local privilege escalation on macOS via Keybase Helper: https://hackerone.com/reports/397478
-
[ Vulnerability ] Disclosure of an XML external entity injection vulnerability in SDL Web Content Manager 8.5.0 (CVE-2018-19371): https://www.exploit-db.com/exploits/46000
-
[ Vulnerability ] ELECTRON BOOGALOO - A CASE FOR TECHNODIVERSITY: multiple remote code execution vulnerabilities caused by pseudo-protocols in the Electron framework, from ZDI: https://www.zerodayinitiative.com/blog/2018/12/18/top-5-day-two-electron-boogaloo-a-case-for-technodiversity
-
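[ Vulnerability ] WordPress allows attackers to access administrator functionality, which can lead to serious vulnerabilities such as stored XSS and object injection: https://blog.ripstech.com/2018/wordpress-post-type-privilege-escalation/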
-
[ Crypto ] Cisco Talos investigation into the relationships between recently active cryptocurrency miners: https://blog.talosintelligence.com/2018/12/cryptomining-campaigns-2018.html
-
[ iOS ] The iOS boot process and a method for implementing dual boot, introduction to an OFFENSIVE 2019 talk: https://www.offensivecon.org/speakers/2019/max-bazaliy.html
-
[ Virtualization ] Protecting virtual machine data with KVM MKTME : https://schd.ws/hosted_files/kvmforum2018/f6/mktme_kvm_forum_2018.pdf
-
[ Vulnerability ] Linux privilege escalation via trusted $PATH in keybase-redirector: https://hackerone.com/reports/426944