腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News)

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

2017/01/17

TrendLabs @TrendLabs

[ Android ] New post: Practical Android Debugging Via KGDB http://blog.trendmicro.com/trendlabs-security-intelligence/practical-android-debugging-via-kgdb/ @ TrendMicro

"通过 KGDB 进行 Android 内核调试： https://t.co/31bt5YFqJD"
HITB GSEC @HITBGSEC

[ Conference ] The Call for Papers for #HITBGSEC Singapore is now open! http://gsec.hitb.org/cfp/ Submissions due by April 30th (Event is Aug 21st - 25th)

"HITBGSEC Singapore 大会现已公开征集议题，议题提交截止时间： 4 月 30 日，大会将于今年 8 月 21-25 日期间进行： https://t.co/wW4PMDBqbo ; "
{ouz} @OguzhanTopgul

[ Crypto ] Security Analysis of the Telegram IM https://www.susanka.eu/files/master-thesis-final.pdf

"针对 Telegram IM 的安全分析（Paper）: https://t.co/zYMfUqYxYg"
Nikolaos Chrysaidos @virqdroid

[ IoTDevice ] Samsung SmartCam iWatch Root Exploit - https://www.exploitee.rs/index.php/Samsung_SmartCam%E2%80%8B#iWatch_install.php_Remote_Root_Command_Execution

"Samsung SmartCam iWatch Root 漏洞利用： https://t.co/vEIKvUJcbg"
Countercept @countercept

[ MalwareAnalysis ] #Qadars banking trojan - decrypting its C2 network traffic. Read the latest tech blog by our #threat-hunters via https://t.co/cLtcjcegyg

"解密 Qadars 银行木马 C2 网络通信流量： https://t.co/cLtcjcegyg"
Binni Shah @binitamshah

[ Others ] AxleOS : a UNIX-like kernel + userspace : https://github.com/codyd51/axle https://t.co/F0qS7lZPsu

"AxleOS -- 一个小型的类 unix 内核操作系统︰ https://t.co/Wq3pZAh94R https://t.co/F0qS7lZPsu"
dragosr @dragosr

[ Others ] resolving API call memory addresses using the Import/Export Address Tables for position independent shellcode http://goo.gl/MjBLF6

"在 Shellcode 中利用 IAT 和 EAT 解析内存中的 API 地址： https://t.co/SMFOu1Mwg0"
Dawid Golunski @dawid_golunski

[ Others ] [SRC / PwnScriptum_RCE_exploit.py VER 1.1] #phpmailer / #swiftmailer / #zend - RCE #exploit - #infosec #itsecurity https://t.co/PE8cMw9hZR

"PHPMailer / Zend-mail / SwiftMailer 远程代码执行漏洞 exp(CVE-2016-10033/10045/10034/10074)： https://t.co/PE8cMw9hZR"
Nicolas Krassas @Dinosn

[ Others ] Wide Impact: Highly Effective Gmail Phishing Technique Being Exploited https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri

"一波基于 'data URI' 针对 Gmail 的钓鱼活动袭来： https://t.co/sZJTrRScXT"
Nicolas Krassas @Dinosn

[ Pentest ] Hack the Pentester Lab: from SQL injection to Shell II (Blind SQL Injection) http://www.hackingarticles.in/hack-pentester-lab-sql-injection-shell-ii-blind-sql-injection/

" Pentester Lab课程 'from SQL injection to Shell II' 的通关流程详解： https://t.co/bxhLgV0xsT"
Full Disclosure @SecLists

[ Popular Software ] Apple (iTunes Notify) - Filter Bypass & Persistent Web Vulnerability https://goo.gl/fb/CQbj4O #FullDisclosure

"Apple (iTunes Notify) 绕过 XSS 过滤器并实现持久化控制： https://t.co/OWd5wG8Xx5 "
Johan van der Knijff @bitsgalore

[ Tools ] Detecting broken ISO images: introducing Isolyzer http://openpreservation.org/blog/2017/01/13/detecting-broken-iso-images-introducing-isolyzer/ New blog on @ openpreserve, feedback appreciated!

"Isolyzer -- 检测损坏的 ISO images： https://t.co/6HXNKKYnsx "
CyberPunk Inc @Hackers_toolbox

[ Tools ] Intel Engine Firmware Analysis Tool: MEAnalyzer https://n0where.net/intel-engine-firmware-analysis-tool-meanalyzer/ #InfoSec #CyberSecurity

"MEAnalyzer -- Intel Engine 固件分析工具： https://t.co/G8TXrNQF6x"
Binni Shah @binitamshah

[ Tools ] waveconverter : An Open Source tool for RF reverse engineering : https://github.com/paulgclark/waveconverter https://t.co/7LKJqI02Hv

"waveconverter -- 一个开源的 RF 逆向工具︰ https://t.co/xohH2udNjp https://t.co/7LKJqI02Hv"
herrcore @herrcore

[ Tools ] Weekend project: automatic IAT rebuilder in Python! I built it because I couldn’t find one… https://github.com/OALabs/PyIATRebuild #DFIR #malware #tools

"PyIATRebuild -- 一个用于自动化重建基于内存导出的 PE 文件 IAT 表的 Python 库： https://t.co/mXeciT7dGq "
Hossein Lotfi @hosselot

[ Windows ] Bypassing Control Flow Guard in Windows 10: https://improsec.com/blog//bypassing-control-flow-guard-in-windows-10

"Windows 10 CFG 绕过: https://t.co/6Bq868DDLH"
Enomis @shellcode_it

[ Windows ] I released the Windows Kernel Exploitation pdf! http://www.hacking-training.com/download/WKE.pdf Thanks to @ HackSysTeam for his Vulnerable Driver!

"Hacking 教程之 Windows 内核漏洞利用，来自 HackSysTeam： https://t.co/DjBrBqidH7 ！"
Binni Shah @binitamshah

[ WirelessSecurity ] ESP8266 WiFi Garage Door Opener from any Web Browser : http://www.whiskeytangohotel.com/2017/01/esp8266-wifi-garage-door-opener-from.html https://t.co/BHOs5pZtc6

"基于 ESP8266 开发的一款由浏览器控制的 wifi 车库门开启工具︰ https://t.co/kldRi2yp6J https://t.co/BHOs5pZtc6"
Binni Shah @binitamshah

[ WirelessSecurity ] A Peek at GNU Radio’s Buffer Architecture : http://gnuradio.org/blog/buffers/ https://t.co/d0gpjYe4vc

"深入了解 GNU Radio 缓冲区架构︰ https://t.co/68ZLVwXhZ2 https://t.co/d0gpjYe4vc"

Xuanwu Spider via seebug

[ SecurityReport ] 网络安全强国 - 以色列的工控安全之路： http://paper.seebug.org/184/
Xuanwu Spider via project zero

[ SecurityProduct ] 趋势杀软的核心组件 CoreServiceShell.exe 监听本地端口，提供 HTTP 服务，Project Zero Tavis 发现其中存在多个漏洞： https://bugs.chromium.org/p/project-zero/issues/detail?id=775
Xuanwu Spider via usenix

[ Tools ] Cling -- 能够缓解悬空指针问题的一款内存分配器： https://www.usenix.org/legacy/event/sec10/tech/full_papers/Akritidis.pdf
Xuanwu Spider via project zero

[ Android ] Android SensorHub ssp_batch_ioctl 的一个越界写漏洞： https://bugs.chromium.org/p/project-zero/issues/detail?id=966
Xuanwu Spider via geoffchappell

[ Windows ] 研究员 Geoff Chappell 关于 Window、IE 的一些个人研究笔记： http://www.geoffchappell.com/notes/index.htm
Xuanwu Spider via Github

[ Windows ] 基于 TSX 的 CFI 保护实现原型： https://github.com/eurecom-s3/tsxcfi

2017/01/17