
Tencent Xuanwu Lab Security Daily News
-
[ Browser ] Safari Browser: Builtin JavaScript allows Function.caller to be used in strict mode https://bugs.chromium.org/p/project-zero/issues/detail?id=1032
"Safari's builtin JS allows Function.caller to be used in strict mode (CVE-2017-2446), so that some sensitive APIs can be called directly: https://t.co/zZIUUI2B94"
-
[ Browser ] Safari Browser: Out-of-bounds read when calling bound function https://bugs.chromium.org/p/project-zero/issues/detail?id=1033
"Safari Browser: Out-of-bounds read when calling bound function (CVE-2017-2447): https://t.co/J1mQMsuSsM"
-
[ Industry News ] Threatpost | APT29 Used Domain Fronting, Tor to Execute Backdoor http://bit.ly/2oavG76
"The APT29 group was found to have used Domain Fronting and Tor to keep a backdoor hidden for 2 years: https://t.co/Xs4bDfAKA7"
-
[ macOS ] About the security content of macOS Sierra 10.12.4 https://support.apple.com/en-us/HT207615
"Apple today released version updates for multiple products, including iOS 10.3, macOS 10.12.4, tvOS 10.2 and watchOS 3.2; this round of updates fixes multiple vulnerabilities: https://support.apple.com/zh-cn/HT201222 https://support.apple.com/en-us/HT207617 https://support.apple.com/en-us/HT207615"
-
[ Mobile ] Owning OnePlus 3/3T with a Malicious Charger (CVE-2017-5622) : https://alephsecurity.com/2017/03/26/oneplus3t-adb-charger/
"Owning OnePlus 3/3T with a charger (a Charger Boot Mode that has adb access); once in, a root shell can be obtained and the system partition replaced: https://t.co/JCuPAJI1Ko"
-
[ Others ] A journey into Radare 2 – (Part 1) : Simple crackme : https://www.megabeets.net/a-journey-into-radare-2-part-1/ , Source-code : https://github.com/ITAYC0HEN/A-journey-into-Radare2/blob/master/Part%201%20-%20Simple%20crackme/megabeets_0x1.c
"Radare 2 tutorial, Part 1: Simple crackme https://t.co/erRTmw1trI Source code: https://t.co/NwtYZaPSvU"
-
[ Others ] Created a new DNS lookup gadget for Java deserialization in @frohoff's ysoserial. Inspired by @h3xstream https://blog.paranoidsoftware.com/triggering-a-dns-lookup-using-java-deserialization/
"Triggering a DNS lookup through a Java deserialization vulnerability to leak application data: https://t.co/OR1wKVNmBV"
-
[ Others ] How to Extract Data from Wikipedia and Wikidata via Google Spreadsheets: https://linktosheets.com/extract-data-from-wikipedia-wikidata/
"How to extract data from Wikipedia and Wikidata: https://t.co/aBO3Mpb9Ct"
-
[ Tools ] ScratchABit (1.7) : Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API : https://github.com/pfalcon/ScratchABit
"ScratchABit -- an interactive disassembler with control-flow analysis that supports extension modules written against the IDAPython API: https://t.co/BqjEtf1yhv"
-
[ Tools ] python-for-android : Turn your Python application into an Android APK : https://github.com/kivy/python-for-android
"python-for-android -- a packaging tool that turns a Python application into an Android APK: https://t.co/8TaPH0NRkX"
-
[ Tools ] some fw #RE helper i wrote a while ago: gdbida - a visual bridge between a GDB session and IDA Pro's disassembler https://github.com/comsecuris/gdbida
"gdbida -- a tool that syncs information between the IDA disassembler and GDB, so the disassembly of the program being debugged in GDB can be viewed in IDA in real time: https://t.co/e4voP54YtO"
-
[ Vulnerability ] Just opened a bug report for WebSockify Stack based Buffer Overflow (Interesting bug) https://github.com/novnc/websockify/issues/274
"Websockify, a WebSocket <-> TCP proxy library, fixed a stack buffer overflow vulnerability yesterday: https://t.co/cw7XVac5hK"
-
[ Windows ] Kernel exploit mitigation, prevention, and detection in Win 10. Device Guard VBS and WDATP FTW! https://blogs.technet.microsoft.com/mmpc/2017/03/27/detecting-and-mitigating-elevation-of-privilege-exploit-for-cve-2017-0005/?platform=hootsuite
"Detection and mitigation of a win32 privilege-escalation exploit (CVE-2017-0005): https://t.co/7N4fxKCxGG"
-
[ Windows ] IIS 6.0 exploit targeting 2003 R2 (PROPFIND If: header): [CVE-2017-7269] https://github.com/edwardz246003/IIS_exploit
"Exploit for the Windows Server 2003 R2 IIS 6.0 WebDAV ScStoragePathFromUrl() buffer overflow vulnerability (CVE-2017-7269); the vulnerability was found being exploited in the wild around July/August 2016: https://t.co/R9GHqlUfOb"
-
[ WirelessSecurity ] My slides discussing GPS Spoofing to attack NTPd & consequences from @BSidesCbr are up https://zxsecurity.co.nz/presentations/201703_BSidesCBR-ZXSecurity_Practical_GPS_Spoofing.pdf code: https://t.co/a1Aaapqmhc
"'Practical GPS Spoofing', a talk given by New Zealand security company ZX Security at BSidesCBR 2017: https://t.co/wKYNIQZ99o Code: https://t.co/a1Aaapqmhc"
-
[ Android ] Anti-debugging tricks in Android ART: http://www.vantagepoint.sg/blog/88-anti-debugging-fun-with-android-art
-
[ Android ] Android vulnerability analysis: CVE-2017-0497 TIFF SkRawCodec: http://www.mottoin.com/99247.html CVE-2017-0475: http://www.mottoin.com/99237.html
-
[ macOS ] 一発入魂 - XNU kernel vulnerability analysis and exploitation, a talk by Zhengmin (蒸米) at the 2017 XianZhi White Hat Conference: https://github.com/zhengmin1989/MyArticles/blob/master/PPT/2017XianZhiBaiMao_Spark.pdf
-
[ Others ] Zhuzhuxia's (猪猪侠) talk "My White Hat Learning Path" at the 2017 XianZhi White Hat Conference: https://github.com/ring04h/papers/blob/master/%E6%88%91%E7%9A%84%E7%99%BD%E5%B8%BD%E5%AD%A6%E4%B9%A0%E8%B7%AF%E7%BA%BF--20170325.pdf
-
[ Tools ] VS2017 supports user-defined compilers such as Clang and GCC: https://blogs.msdn.microsoft.com/c/2017/03/27/%E5%9C%A8visual-studio%E4%B8%AD%E4%BD%BF%E7%94%A8%E4%BB%BB%E4%BD%95c%E7%BC%96%E8%AF%91%E5%99%A8/
-
[ Windows ] pgboy1988 has released the slides and two vulnerability PoCs from his CanSecWest 2017 talk on the win32k Composition attack surface: https://github.com/progmboy/cansecwest2017