腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2016/06/26

Sebas Guerrero ⚡ @0xroot

[ Android ] Android Anti-Hooking techniques in Java - http://d3adend.org/blog/

"Android Anti-Hooking Techniques in Java： https://t.co/zokEn3xq2J"
Binni Shah @binitamshah

[ Exploit ] Writing Exploits for Win32 Systems from Scratch : https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/writing-exploits-for-win32-systems-from-scratch/ https://t.co/VL6UXBtwiV

"为 Win32 系统写 Exploit，来自 NCC Group︰ https://t.co/EmaKUXNuhl https://t.co/VL6UXBtwiV"
JP Aumasson @veorq

[ Linux ] on GitHub: SGX SDK, PSW, and drivers for Linux https://github.com/01org/linux-sgx https://github.com/01org/linux-sgx-driver @ iamcorso

" Intel SGX 防护技术在 Linux 系统的实现： https://t.co/sP1EcNiU0l Intel SGX Linux 驱动： https://t.co/yFwjofsXSC "
Nicolas Krassas @Dinosn

[ macOS ] Reverse engineering Apples EFI firmware password reset functionality https://reverse.put.as/2016/06/25/apple-efi-firmware-passwords-and-the-scbo-myth/

" 逆向 Apple EFI 固件的密码重置功能： https://t.co/SnHPitrxXL"
Nicolas Krassas @Dinosn

[ Malware ] RockLoader Delivers New Bart Encryption Ransomware http://phishme.com/rockloader-downloading-new-ransomware-bart/

"RockLoader 下载器开始传播 Bart 勒索软件，来自 PhishMe Blog： https://t.co/kljp4NYnpk"
jnazario @jnazario

[ Network ] IP address geo-location by passively measuring TCP/IP round-trip times to a few servers around the world http://geoloc.foremski.pl/index.html

" 通过监控几轮的 TCP/IP 数据交互，就可以被动地获取到 IP 地址的物理位置信息： https://t.co/4hXhgdcjll "
Binni Shah @binitamshah

[ Network ] Analyzing Network Traffic using Julia : https://brandonkmiller.com/?blog%2Fanalyzing-network-traffic-with-julia

" 用 Julia 语言分析网络流量︰ https://t.co/6ZODEJrbeQ"
Full Disclosure @SecLists

[ Others ] #146416 Ruby:HTTP Header injection in 'net/http' http://goo.gl/fb/c17CJ4 #FullDisclosure

" Ruby 'net/http' 模块 HTTP Header 注入漏洞： https://t.co/nNk6cJZTQj "
Justin Seitz @jms_dot_py

[ Pentest ] Automated Reverse Image Search Part 2: Vimeo | Automating OSINT Blog http://bit.ly/28TEN8l

" 如何从 Vimeo 提取视频的预览图片，然后根据图片信息反向搜索： https://t.co/GvINugdeVN"
Binni Shah @binitamshah

[ Pentest ] From LFI to RCE in php : https://dustri.org/b/from-lfi-to-rce-in-php.html

" PHP 从本地文件包含（LFI）到 RCE: https://t.co/D7URNu4jpS"
Jóseph Mlodzìanowskì @cedoxX

[ Popular Software ] Lenovo plugs severe security holes in PC support tool preinstalled on PCs ehm, aka back doors http://www.pcworld.com/article/3088545/security/lenovo-patches-two-high-severity-flaws-in-pc-support-tool.html

"联想刚刚修复了预装支持工具的两个严重漏洞，来自 PC World 的报道： https://t.co/YRyvFzyQfd "
Insinuator @Insinuator

[ Protocol ] New blog post: VoLTE Security Analysis, part 2 https://www.insinuator.net/2016/06/volte-security-analysis-part-2/

" VoLTE（基于 IMS 的语音服务）安全性分析 Part 2： https://t.co/WfiayJ2Osd"
Binni Shah @binitamshah

[ Tools ] Security Onion – A Linux distro for intrusion detection, network security monitoring,log : https://security-onion-solutions.github.io/security-onion/ https://t.co/wY0w60tHFr

" Security Onion — 一款定制版 Linux，支持入侵检测、安全监控、日志管理等功能，基于 Snort, Suricata, Bro, OSSEC, Sguil 等多种工具︰ https://t.co/KwxltuRZO6 https://t.co/wY0w60tHFr"
Jóseph Mlodzìanowskì @cedoxX

[ Tools ] Suricata 3.1 - Open Source IDS / IPS / NSM engine -- http://www.kitploit.com/2016/06/suricata-31-open-source-ids-ips-nsm.html

" 开源 IDS/IPS/NSM 引擎 Suricata 更新 3.1 版本： https://t.co/gpc2cnn8fl"
Jóseph Mlodzìanowskì @cedoxX

[ Tools ] Detux is a sandbox developed to do traffic analysis of the Linux malwares and capture the IOCs http://www.kitploit.com/2016/06/detux-multiplatform-linux-sandbox.html

"Detux - 用于分析恶意软件流量的沙盒系统： https://t.co/hKXowy1d2M GitHub Repo： https://github.com/detuxsandbox/detux "
Nicolas Krassas @Dinosn

[ Web Security ] PayPal fixed a flaw that allowed attackers to deliver malicious images http://securityaffairs.co/wordpress/48702/hacking/paypal.html

" Aditya K Sood 的研究员发现 Paypal 的支付页面可以通过 URL 的 'image_url' 参数嵌入一张图片， Paypal 目前已经修复了该漏洞，来自 SecurityAffairs 的报道： https://t.co/VJbkR9GvrZ"
Jóseph Mlodzìanowskì @cedoxX

[ Web Security ] Shadowd - Collection Of Tools To Detect, Record And Prevent Attacks On Web Applications -- http://www.kitploit.com/2016/06/shadowd-collection-of-tools-to-detect.html

"Shadowd - Web 应用漏洞攻击检测、记录和防护工具的集合： https://t.co/e7l1tPoHZU"
James Forshaw @tiraniddo

[ Windows ] Here's the PS demo files from my Recon talk https://drive.google.com/file/d/0B5sMkPVXQnfPNUtNTEpqc0xfZU0/view?usp=sharing Don't run createprocessex.ps1 on Win10 unless you like rebooting :-)

" James Forshaw 在 RECon 会议演讲《Process Failure Modes》的示例代码： https://t.co/EiCKIvnF5f "
Taylor Brown @Taylorb_msft

[ Windows ] #DockerCon Slides - Docker/Windows Internals https://1drv.ms/p/s!Ao9M7GdY5vB9pZ07BVZfgTa34C_kVw https://t.co/PintnDC5Lv

" Windows Server 版 Docker 实现内幕，来自 DockerCon 会议的 PPT： https://t.co/7n5j5wtCHr https://t.co/PintnDC5Lv"
sessionpool @sessionpool

[ Windows ] Know your Windows Processes or Die Trying http://sysforensics.org/2014/01/know-your-windows-processes/

" Windows 系统几个关键进程的介绍以及相互之间的关系： https://t.co/OpdlC9MoPX"
James Forshaw @tiraniddo

[ Windows ] Trivial Kernel NPD in NtCreateProcessEx, guess MS QA isn't what is used to be. https://bugs.chromium.org/p/project-zero/issues/detail?id=852 at least I can release my Recon demos

" Windows NtCreateProcessEx 空指针引用漏洞，来自 Project Zero Issue 852： https://t.co/dNtODNR9zp 该漏洞目前的状态是 'WontFix' "

2016/06/26