
Tencent Xuanwu Lab Security Daily News
-
[ Android ] MobSF 0.9.5 released Android ARM Emulator for Dynamic Analysis. https://www.youtube.com/watch?v=hD2zK0agMJk Thanks @Matandobr Download: https://t.co/3DxXtwWTWj
"The mobile security analysis framework MobSF has been updated to v0.9.5.2 Beta, which supports dynamic analysis with an Android ARM emulator: https://t.co/3DxXtwWTWj"
-
[ Browser ] Garbage collection in V8, an illustrated guide: https://github.com/lrlna/sketchin/blob/master/guides/garbage-collection-in-v8.md
"An illustrated guide to garbage collection in the V8 engine: https://t.co/mpzc8YekTq"
-
[ Browser ] SOP bypass / UXSS – Tweeting like Charles Darwin (Edge) - Broken Browser https://www.brokenbrowser.com/sop-bypass-uxss-tweeting-like-charles-darwin/
"SOP bypass implemented with domainless about:blanks + data/meta: https://t.co/YoH7letU1d"
-
[ Hardware ] Great RE stuff "Intel ME: The Way of Static Analysis" by @_Dmit #TR17 blog: http://blog.ptsecurity.com/2017/04/intel-me-way-of-static-analysis.html video: https://youtu.be/2_aokrfcoUk
"Static analysis of Intel ME (Management Engine). Intel ME is a separate processor in computers built on Intel CPU chips, and it keeps running even after the machine is powered off: https://t.co/sepXKfJhK4 video: https://t.co/3icdSKjK0K"
-
[ MalwareAnalysis ] FlexiSpy Application Analysis (Part 2): http://www.cybermerchantsofdeath.com/blog/2017/04/23/FlexiSpy-pt2.html , Part 1: http://www.cybermerchantsofdeath.com/blog/2017/04/23/FlexiSpy.html
"Source code analysis of the leaked FlexiSpy Android spyware app, part 2: https://t.co/xBByEvZSqL , part 1: https://t.co/Qdc8J1VrAF"
-
[ Others ] Blog: How I rendered DOM to a canvas so I can use CSS layouting and text rendering in WebGL (and WebVR!) https://t.co/oOeJumuvso
"When drawing with an OpenGL library, the browser's layout and rendering engine can be reused to reduce the workload: https://t.co/oOeJumuvso"
-
[ Popular Software ] <?xml;phpinfo();?> bypass for @ModSecurity rule SecRule ARGS "@rx <\?(?!xml)" Local File Inclusion/Shell Upload from https://t.co/d41KJYQ2rj
"Guide to writing ModSecurity rules: https://t.co/d41KJYQ2rj"
-
[ Popular Software ] We just disclosed our 300th Vulnerability! Affecting Adobe Reader DC Pro: http://srcincite.io/advisories/src-2017-0002/ http://srcincite.io/advisories/src-2017-0003/
"A UAF vulnerability in Adobe Acrobat Pro DC ImageConversion TIFF parsing can lead to remote code execution (CVE-2017-3026): https://t.co/19IX7NhKbg"
-
[ Rootkit ] BIOS Based Rootkits https://n0where.net/bios-based-rootkits/ #InfoSec #CyberSecurity
"Research on BIOS-based rootkits: https://t.co/4xwIj6aTAs"
-
[ Tools ] Online x86 / x64 Assembler and Disassembler: https://defuse.ca/online-x86-assembler.htm
"An online x86 / x64 assembler and disassembler platform: https://t.co/sXbMEsD4Ah"
-
[ Tools ] Manticore, our dynamic binary analysis tool with support for symbolic execution, is now public! https://github.com/trailofbits/manticore/
"manticore - a dynamic analysis tool supporting symbolic execution, taint analysis and binary inspection: https://t.co/SFqwmrNoWL"
-
[ Windows ] Final post in the series: Windows Kernel Local Denial-of-Service #5: win32k!NtGdiGetDIBitsInternal (Windows 7-10), http://j00ru.vexillium.org/?p=3251
"Windows Kernel Local Denial-of-Service #5: win32k!NtGdiGetDIBitsInternal (Windows 7-10): https://t.co/KnloAIg72E"
-
[ Malware ] A new IoT botnet is spreading on a large scale over HTTP port 81: http://blog.netlab.360.com/a-new-threat-an-iot-botnet-scanning-internet-on-port-81-ch/
-
[ Vulnerability ] The Windows Dolby Audio X2 service is a DCOM service implemented in .NET, so it has a SYSTEM privilege escalation vulnerability (CVE-2017-7293). James Forshaw wrote a dedicated tool, ExploitDotNetDCOM, for exploiting this class of vulnerability: https://bugs.chromium.org/p/project-zero/issues/detail?id=1075 https://github.com/tyranid/ExploitDotNetDCOM
-
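[ Windows ] Penetration Testing Lab published a blog post, "Windows Kernel Exploits", covering nearly 20 vulnerabilities related to Windows kernel privilege escalation. It describes how to find which of these patches are missing from a system and how to use tools to attack these vulnerabilities: https://pentestlab.blog/2017/04/24/windows-kernel-exploits/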