Tencent Xuanwu Lab Security Daily News
-
[ Forensics ] InfoSecInstitute has published a detailed series of tutorials on digital forensics: http://resources.infosecinstitute.com/category/computerforensics/introduction/areas-of-study/digital-forensics/
-
[ Industry News ] Because AMD processors do not allow the Memory References in question, the newly added Page Table Isolation protection is disabled by default on AMD processors: https://lkml.org/lkml/2017/12/27/2
-
[ Industry News ] Issue 0x17 of PoC||GTFO magazine has been released: https://www.alchemistowl.org/pocorgtfo/
-
[ iOS ] iOS kernel debugging tutorial: http://www.instructables.com/id/IOS-Kernel-Debugging/
-
[ Linux ] An analysis of the Page Table Isolation protection newly introduced in the Linux kernel: http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table
-
[ SecurityProduct ] All Your Docs Are Belong To Us - reverse engineering the Kaspersky antivirus engine and adding a new Signature of your own: https://objective-see.com/blog/blog_0x22.html
-
[ Tools ] VulnWhisperer - a tool for aggregating vulnerability data and reports: https://github.com/austin-taylor/VulnWhisperer
-
[ Tools ] DUMLRacer - Root Exploit for DJI Drones and Controllers: https://github.com/CunningLogic/DUMLRacer
-
[ Tools ] Chimay-Red - PoC exploit for a Mikrotik vulnerability, from the Vault 7 CIA leak: https://github.com/wsxarcher/Chimay-Red
-
[ Web Security ] JSON CSRF via Flash: https://exploitstube.com/json-csrf-with-flash-swf-file.html
-
[ Windows ] Attacking Read-Only Domain Controllers (RODCs) to Own Active Directory: https://adsecurity.org/?p=3592
-
[ Browser ] Entering file://.//pipe/ in the Chrome browser lets you view the open Named Pipes: https://twitter.com/_xpn_/status/946878269940527104
-
[ Browser ] Breaking Browsers: Hacking Auto-Complete: https://www.slideshare.net/jeremiahgrossman/breaking-browsers-hacking-autocomplete-blackhat-usa-2010
-
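[ Exploit ] The source code of the malicious sample that exploits the Huawei router vulnerability (CVE-2017-17215) to carry out Satori and Brickerbot Botnet attacks has been made public: http://securityaffairs.co/wordpress/67227/malware/cve-2017-17215-exploit-code.html https://pastebin.com/4nzunPB5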
-
[ Fuzzing ] Steelix: program-state based binary fuzzing: https://www.semanticscholar.org/paper/Steelix-program-state-based-binary-fuzzing-Li-Chen/d9b98ccc75ec1a464e84121916fb39838dc61862
-
[ MachineLearning ] The death match of DGA domains, from Nominum: https://www.nominum.com/tech-blog/death-match-domain-generation-algorithms/
-
[ Others ] How to set up a two-machine Linux kernel debugging environment with VMWare Player: https://animal0day.blogspot.com/2017/12/linux-kernel-debugging-with-vmware.html
-
[ Popular Software ] RCE with BMC Server Automation: https://nickbloor.co.uk/2018/01/01/rce-with-bmc-server-automation/
-
[ SecurityProduct ] Fortinet FortiClient privilege escalation login vulnerability on Windows (with PoC): http://www.freebuf.com/articles/terminal/158417.html
-
[ SecurityReport ] 2017 annual security report -- Office, from 360CERT: https://mp.weixin.qq.com/s/M1F8WTnRajEcuavJ7xRr4g
-