腾讯玄武实验室安全动态推送
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Kwetza : Allows infecting an existing Android application w/ Meterpreter payload : https://github.com/sensepost/kwetza ,Details: https://sensepost.com/blog/2016/kwetza-infecting-android-applications/
"Kwetza - 在已有 APK 的情况下,注入 Meterpreter Payload 的工具︰ https://t.co/ZwemsvEMJj 技术细节︰ https://t.co/CNTHCse71w"
-
[ Browser ] a single byte write opened a root execution exploit: https://daniel.haxx.se/blog/2016/10/14/a-single-byte-write-opened-a-root-execution-exploit/ I blogged about our recent c-ares security vulnerability
" Chrome OS c-ares 组件的一个漏洞,改写一个字节,实现 Root 代码执行(CVE-2016-5180)︰ https://t.co/n0uVPiZx1i "
-
[ Browser ] Open any local folder/file in IE11 (and more) using MSHH #PoC http://pastebin.com/raw/fp7fDuXJ
"在 IE11 中打开本地文件夹或文件,PoC: https://t.co/qcULZalE1s"
-
[ Linux ] Linux SRP Overwrite and ROP : http://buffered.io/posts/linux-srp-overwrite-and-rop/ cc @ TheColonial
" Linux SRP Overwrite and ROP︰ https://t.co/hHgAgVeijd "
-
[ macOS ] New Post: MacOS File Movements https://forensic4cast.com/2016/10/macos-file-movements/
" MacOS 文件移动细节: https://t.co/CmHPWysQVg"
-
[ Malware ] A Brazilian Trojan Using A Jar File, VB Scripts And A DLL For Its Multi-Stage Infection http://blog.fortinet.com/2016/10/14/a-brazilian-trojan-using-a-jar-file-vb-scripts-and-a-dll-for-its-multi-stage-infection
"巴西木马 Java/Banload.BD!tr 通过 Jar 文件、VB 脚本、DLL 实现它的多阶段感染: https://t.co/QBsVK5GE4m"