
Tencent Xuanwu Lab Security Daily News
-
[ Android ] Nathan Android Emulator for mobile security testing has been released: https://github.com/mseclab/nathan Ready for hooking and mobile app testing
"An Android emulator for mobile security testing: https://t.co/RKFdAkNgqO"
-
[ Android ] MicroG Project: A re-implementation of Google's Android apps and libraries : https://microg.org/?=
"MicroG Project -- a re-implementation of Android applications and their libraries: https://t.co/XSS7aPagMG"
-
[ Attack ] Bypassing antivirus with a sharp syringe: https://code.google.com/archive/p/syringe-antivirus-bypass/ ; paper: https://www.exploit-db.com/docs/20420.pdf (PDF)
"Bypassing antivirus with a sharp syringe[paper]: https://t.co/NPqkgSnpgm"
-
[ Attack ] Abusing systemd user services : https://hosakacorp.net/p/systemd-user.html
"Abusing systemd user services: https://t.co/nKB2uab2Ao"
-
[ iOS ] Lookout released a 42 page technical document explaining Pegasus (3 iOS vulns) https://info.lookout.com/rs/051-ESQ-475/images/pegasus-exploits-technical-details.pdf
"Lookout has published a detailed technical analysis of the iOS Trident vulnerabilities: https://t.co/d5w4PngFiS"
-
[ Mobile ] MARA_Framework : A Mobile Application Reverse engineering and Analysis Framework : https://github.com/xtiankisutsa/MARA_Framework
"MARA_Framework -- a framework for reverse engineering and analysis of mobile applications: https://t.co/j4ANpdWrSE"
-
[ Others ] Oh look, our x86 to AMD64 DBT scheme http://nebelwelt.net/publications/files/13ATC.pdf reinvented for fuzzing CGC binaries https://blog.trailofbits.com/2016/11/02/shin-grr-make-fuzzing-fast-again/ by @trailofbits
"memTrace -- an introduction to a lightweight memory tracing technique [paper]: http://nebelwelt.net/publications/files/13ATC.pdf"
-
[ Others ] Wrote a new personal blog post - http://ropgadget.com/posts/pebwalk.html "A walk along the PEB: Stepping through PE structures to find function addresses"
"Stepping through PE structures to find function addresses: http://ropgadget.com/posts/pebwalk.html"
-
[ Others ] RIG Exploit Kit Campaign - Happy puzzling... http://blog.talosintel.com/2016/11/rig-exploit-kit-campaign-happy-puzzling.html
"The Rig Exploit Kit's infection process and how it evades detection by security software, from Talos: https://t.co/uuTIAWcm18"
-
[ Popular Software ] GitLab disclosed a bug submitted by jobert: https://hackerone.com/reports/178152 #hackerone #bugbounty https://t.co/NxvzGpdcRq
"GitLab CE/EE (versions >= 8.9) has an arbitrary file read vulnerability: https://hackerone.com/reports/178152"
-
[ Protocol ] BearSSL is an implementation of the SSL/TLS protocol (RFC 5246) written in C by Thomas Pornin https://bearssl.org
"BearSSL -- an implementation of the SSL/TLS protocol written in C: https://t.co/nXa2EYs5vh"
-
[ Rootkit ] SEKOIA release a #sednit #APT28 rootkit analysis / a hands on usecase on HideDRV - http://www.sekoia.fr/blog/rootkit-analysis-use-case-on-hidedrv/ cc @eset @r00tbsd
"Rootkit analysis: use case on HideDRV: https://t.co/sIXbDCGDle"
-
[ Tools ] visualize_logs Interactive log visualisation in Python by @keithjjones https://github.com/keithjjones/visualize_logs Docs and Examples… https://t.co/6Y7EPng7BD
"visualize_logs -- a Python tool for visualizing log data [GitHub]: https://t.co/kiWYkznQB0 ; [Documentation]: https://t.co/6Y7EPng7BD"
-
[ Web Security ] Sparkjava Framework - Arbitrary File Read Vulnerability https://goo.gl/fb/rjCn3y #FullDisclosure
"The Java web framework Spark has an arbitrary file read vulnerability: https://t.co/TNoJb3Sycn"
-
[ Windows ] Moving Beyond EMET https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/ EOL extended to July 31, 2018 but Win10 includes all mitigation features that EMET admins rely on
"Microsoft will end updates and support for EMET 5.5x in July 2018; most of EMET's protection features have already been integrated into Windows 10: https://t.co/J9n2aNPIDp"
-
[ WirelessSecurity ] Interesting stuff: Wi-Fi-Based IMSI Catcher https://www.blackhat.com/docs/eu-16/materials/eu-16-OHanlon-WiFi-IMSI-Catcher.pdf [PDF], by @raviborgaonkar & Piers O'Hanlon #BHEU https://t.co/lTGTADnS5N
"A talk from BlackHat EU: WiFi-Based IMSI Catcher: https://t.co/hTritRfRZA"
-
[ Browser ] Porn sites use WebSocket to bypass ad blocking: porn sites always embrace and adopt new technologies ahead of mainstream sites. The latest example is Pornhub.com using WebSocket to bypass ad blockers: http://www.solidot.org/story?sid=50238
-
[ Defend ] A security feature in ARMv8.3-A: pointer authentication, a defence against ROP/JOP attacks. The feature authenticates the contents of a register before it is used as an address for an indirect branch or a data reference; some of the most significant bits of a 64-bit address carry a Pointer Authentication Code (PAC) alongside the address itself, and an address that fails authentication raises an exception: http://www.solidot.org/story?sid=50237
-
[ OpenSourceProject ] Exploiting WebKit on Vita 3.60: this PS Vita write-up walks through the exploitation approach for a WebKit vulnerability; the same line of thinking can be extended to other end-user devices, such as the earlier WebKit heap overflow on PS4 firmware 1.76 and the Kindle jailbreak: http://paper.seebug.org/98/
-
[ Windows ] An engineer from Microsoft's debugger team discusses the WinDbg JavaScript extension introduced in WDK and SDK build 14951 (video): https://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-170-Debugger-JavaScript-Scripting
-
[ Windows ] WSL (Windows Subsystem for Linux) Antivirus and Firewall Compatibility: discusses compatibility issues between antivirus software and WSL Pico processes: https://blogs.msdn.microsoft.com/wsl/2016/11/01/wsl-antivirus-and-firewall-compatibility/
-
[ Attack ] Kaspersky's Q3 2016 threat intelligence report: https://securelist.com/analysis/quarterly-malware-reports/76482/it-threat-evolution-q3-2016/ ; and the Q3 DDoS intelligence report published a few days earlier: https://securelist.com/analysis/quarterly-malware-reports/76464/kaspersky-ddos-intelligence-report-for-q3-2016/