腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2016/10/10

bwall: Brian Wallace @botnet_hunter

[ Detect ] MITMCanary #VB2016 slides are uploaded :) https://www.virusbulletin.com/uploads/pdf/conference_slides/2016/Wallace-vb-2016-detecting-mitm-canary.pdf

"MITMCanary - 检测中间人攻击： https://t.co/eNpXTCukXn 作者还公开了一个工具： https://github.com/CylanceSPEAR/mitmcanary "
Max Bazaliy @mbazaliy

[ iOS ] TaiG patchfinder opensourced - https://github.com/in7egral/taig8-ios-jailbreak-patchfinder

" Taig patchfinder 开源了，这个工具可以帮助我们从二进制内核文件中定位函数偏移： https://t.co/H7Ixac9xx3"
Nicolas Krassas @Dinosn

[ IoTDevice ] Reversing the Smarter Coffee IoT Machine Protocol to Make Coffee Using the Terminal. https://www.evilsocket.net/2016/10/09/IoCOFFEE-Reversing-the-Smarter-Coffee-IoT-machine-protocol-to-make-coffee-using-terminal/#.V_pNbpzrDZ8.reddit

" 逆向智能咖啡机的 IoT 协议，从命令行终端控制煮一杯咖啡： https://t.co/QQrVqxxach"
Ryan Chapman @rj_chap

[ Malware ] Finally posted my @BSidesLV 2016 talk materials. Exposing the Neutrino EK: All the Naughty Bits, the files: https://t.co/dfmPlYrubK

" Exposing the Neutrino EK: All the Naughty Bits︰ https://t.co/dfmPlYrubK"
Binni Shah @binitamshah

[ Tools ] rgat : An instruction trace visualisation tool for dynamic program analysis : https://github.com/ncatlin/rgat https://t.co/va4M9dLHVF

"rgat - 指令执行跟踪可视化工具︰ https://t.co/Ixa4IW64HP "
Florian Roth @cyb3rops

[ Tools ] vsaudit VOIP Security Audit Framework by @ SanvilSrl https://github.com/sanvil/vsaudit https://t.co/EK2Mgpuz0b

" vsaudit - VOIP 服务的安全审计框架： https://github.com/sanvil/vsaudit "
Nicolas Krassas @Dinosn

[ Web Security ] Javascript Leads to Browser Hijacking http://www.kahusecurity.com/2016/javascript-leads-to-browser-hijacking/

"Javascript 借助 wscript.exe 实现的浏览器首页劫持： https://t.co/UCmkSv0WFS"
HackSys Team @HackSysTeam

[ Windows ] Nice slide quoting HackSys Extreme Vulnerable Driver https://www.lse.epita.fr/lse-summer-week-2016/slides/lse-summer-week-2016-06-kernel_windows.pdf

" NT 内核的漏洞利用技术，有一部分内容是基于 HackSys Extreme Vulnerable Driver 的： https://t.co/8ZraTyTBUF"
Binni Shah @binitamshah

[ WirelessSecurity ] Reverse Engineering static key remotes with gnuradio and rfcat : https://leonjza.github.io/blog/2016/10/02/reverse-engineering-static-key-remotes-with-gnuradio-and-rfcat/

" 利用 gnuradio 与 rfcat 逆向出静态明文密钥: https://t.co/GqqEPmQysV"
Oona Windytan @windyoona

[ WirelessSecurity ] CTCSS fingerprinting: a method for transmitter identification (new blog post) http://www.windytan.com/2016/10/ctcss-fingerprinting-method-for.html

"CTCSS 指印：发射机识别方法 https://t.co/BWplVhDofG 的方法"

Xuanwu Spider via FreeBuf

[ Tools ] 神器Nmap web版：Rainmap Lite： http://www.freebuf.com/sectool/115782.html
Xuanwu Spider via GitHub

[ Virtualization ] cadvisor - 分析运行状态容器的资源占用和性能数据的工具： https://github.com/google/cadvisor
Xuanwu Spider via 0xroot 的微博

[ WirelessSecurity ] ooktools: on-off keying tools for your sdr， GitHub： https://github.com/leonjza/ooktools Blog： https://leonjza.github.io/blog/2016/10/08/ooktools-on-off-keying-tools-for-your-sdr/
Xuanwu Spider via 360 NetLab

[ Network ] DNS中的 '无效Rdata'： http://blog.netlab.360.com/invalid-rdata-in-dns/
Xuanwu Spider via 杨君微信公众号

[ iOS ] 黑科技：把第三方 iOS 应用转成动态库： http://mp.weixin.qq.com/s?__biz=MjM5NTIyNTUyMQ==&mid=2709545228&idx=1&sn=7a47a0de32e06f9c465319e8db8ca13f&chksm=828f0bd2b5f882c46416ab20cd9ea482b3c57b202d876b75d5625a1bb036d40fe01d31c2679a&mpshare=1&scene=1&srcid=1009N6R6XQyc1MDWhh0MfG7h#rd
Xuanwu Spider via Seebug

[ Web Security ] Wordpress <= 4.6.1 使用语言文件任意代码执行漏洞分析: http://paper.seebug.org/63/

2016/10/10