腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News) - 2017/09/05

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

[ Android ] Android 官方对 Keystore 的介绍，Keystore 是个基于硬件的可信执行环境服务，可以被操作系统、服务、第三方 APP 使用： https://source.android.com/security/keystore/
[ Conference ] BSidesAMS 2017 大会演讲视频集： https://www.youtube.com/playlist?list=PLwZycuzv10iLBFwRIWNAR-s4iuuUMRuEB
[ macOS ] 如何在运行时修复 macOS 10.9 版本 Swift 4 运行时缺失的 “object_isClass” 方法： https://www.hopperapp.com/blog/?p=219
[ Mobile ] 深度解析Bootloader攻击面，来自 KCon2017： https://github.com/knownsec/KCon/blob/master/2017/%5BKCon%202017%5D0827_7_%E5%90%B4%E4%BF%8A%E8%B1%AA_%E6%B7%B1%E5%BA%A6%E8%A7%A3%E6%9E%90Bootloader%E6%94%BB%E5%87%BB%E9%9D%A2.pdf
[ Mobile ] 针对 VOLTE 和 VOWiFi 的攻击实战报告，来自 ERNW： https://www.ernw.de/download/newsletter/ERNW_Whitepaper_60_Practical_Attacks_On_VoLTE_And_VoWiFi_v1.0.pdf
[ Others ] 第五代加固技术ARM VMP原理实现与应用，来自 KCon2017： https://github.com/knownsec/KCon/blob/master/2017/%5BKCon%202017%5D0827_3_%E9%99%88%E6%84%89%E9%91%AB_%E7%AC%AC%E4%BA%94%E4%BB%A3%E5%8A%A0%E5%9B%BA%E6%8A%80%E6%9C%AFARM%20VMP%E5%8E%9F%E7%90%86%E5%AE%9E%E7%8E%B0%E4%B8%8E%E5%BA%94%E7%94%A8.pdf
[ Others ] 利用 PasteHunter 从 Pastebin 中挖掘信息： https://techanarchy.net/2017/09/hunting-pastebin-with-pastehunter/
[ Tools ] 基于 GDB 和 PEDA 的交互式 Linux Exploit 开发环境： http://ropshell.com/peda/Linux_Interactive_Exploit_Development_with_GDB_and_PEDA_Slides.pdf
[ Tools ] macOS 全盘镜像（Image）文件静态解析工具： https://github.com/ydkhatri/mac_apt
[ Windows ] 基于 SetThreadContext 的 DLL 注入： https://blogs.microsoft.co.il/pavely/2017/09/05/dll-injection-with-setthreadcontext/

[ Android ] Android 8.0 Oreo（奥利奥）的整体变化概览： https://arstechnica.com/gadgets/2017/09/android-8-0-oreo-thoroughly-reviewed/
[ Attack ] 揭秘盗取“羊毛党”比特币的钓鱼攻击事件： http://www.freebuf.com/articles/network/145985.html
[ Browser ] URL Spoofing with Modern Browser： https://www.math1as.com/index.php/archives/505/
[ Conference ] KCon 议题 PPT 大放送！: https://paper.seebug.org/382/
[ IoTDevice ] Blue picking – Hacking 蓝牙智能锁，来自 HITB 会议： https://conference.hitb.org/hitbsecconf2017ams/materials/D2T3%20-%20Slawomir%20Jasek%20-%20Blue%20Picking%20-%20Hacking%20Bluetooth%20Smart%20Locks.pdf
[ IoTDevice ] 玩转无人机攻防,来自 Kcon 2017: https://github.com/knownsec/KCon/blob/master/2017/%5BKCon%202017%5D0826_9_KEVIN2600_%E7%8E%A9%E8%BD%AC%E6%97%A0%E4%BA%BA%E6%9C%BA%E6%94%BB%E9%98%B2.pdf
[ Linux ] KTLS: Linux Kernel Transport Layer Security，内核中的安全套接字层，该特性已经在 Linux 内核 4.13 版本中启用： https://netdevconf.org/1.2/papers/ktls.pdf
[ macOS ] OS X/iOS Entitlement Database： http://newosxbook.com/ent.jl?ent=&osVer=MacOS13
[ Mobile ] 分析一个电信劫持跳转下载情色APP的案例： https://www.92ez.com/?action=show&id=23453
[ Mobile ] 从口袋里的伪基站到手持的真基站，来自 Kcon 2017： https://github.com/knownsec/KCon/blob/master/2017/%5BKCon%202017%5D0827_8_Seeker_%E4%BB%8E%E5%8F%A3%E8%A2%8B%E9%87%8C%E7%9A%84%E4%BC%AA%E5%9F%BA%E7%AB%99%E5%88%B0%E6%89%8B%E6%8C%81%E7%9A%84%E7%9C%9F%E5%9F%BA%E7%AB%99.pdf
[ Tools ] python-adb - 纯 Python 实现的 ADB 和 Fastboot 协议： https://github.com/google/python-adb
[ Virtualization ] 探索虚拟化技术在漏洞检测中的应用，来自 Kcon 2017： https://github.com/knownsec/KCon/blob/master/2017/%5BKCon%202017%5D0827_4_%E4%BB%99%E6%9E%9C_%E6%8E%A2%E7%B4%A2%E8%99%9A%E6%8B%9F%E5%8C%96%E6%8A%80%E6%9C%AF%E5%9C%A8%E6%BC%8F%E6%B4%9E%E6%A3%80%E6%B5%8B%E4%B8%AD%E7%9A%84%E5%BA%94%E7%94%A8.pdf
[ Vulnerability ] 联想最新修复了一个 BIOS SMI Handler 的输入验证 SMM 提权漏洞（CVE-2017-3753），影响多款桌面台式机和工作站： https://support.lenovo.com/us/zh/product_security/len-14695