
Daily Security News Push (06-04)

source link: http://www.10tiao.com/html/645/201806/2651954778/1.html

Xuanwu Lab Security Daily News


  • [ Browser ]  Inside Firefox's DOH engine:

     https://daniel.haxx.se/blog/2018/06/03/inside-firefoxs-doh-engine/


  • [ Browser ]  Chrome Fullscreen UI Spoof (CVE-2018-6097):

    https://bugs.chromium.org/p/chromium/issues/detail?id=806162


  • [ Challenges ]  Challenge: bypassing an XSS filter that uses spell checking:

     https://brutelogic.com.br/blog/xss-filter-bypass-spell-checking/


  • [ Data Breach ]  Misconfigured Google Groups are leaking large amounts of sensitive data:

    https://threatpost.com/public-google-groups-leaking-sensitive-data-at-thousands-of-orgs/132455/


  • [ Detect ]  Detection rule for Mimikatz DCSync:

    https://github.com/Neo23x0/sigma/blob/master/rules/windows/builtin/win_dcsync.yml


  • [ Industry News ]  US ticketing site Ticketfly was hacked and extorted, and has still not recovered:

    https://threatpost.com/ticketfly-major-concert-venues-still-offline-after-hack/132436/


  • [ Industry News ]  IE VBScript 0day was added to the RIG Exploit Kit immediately after its PoC code was published:

    https://www.bleepingcomputer.com/news/security/ie-zero-day-adopted-by-rig-exploit-kit-after-publication-of-poc-code/


  • [ iOS ]  iPhone X 11.3.1 jailbreak exploit adds root privilege escalation and sandbox bypass:

    https://twitter.com/i/web/status/1002896756659707909


  • [ iOS ]  iOS/macOS 0day analysis and exploitation: from sandbox to kernel:

    https://twitter.com/i/web/status/1002583719801249792


  • [ iOS ]  Patching an iOS application with Hopper:

     https://www.citadel.sh/blog/patching-an-ios-application-with-hopper


  • [ iOS ]  Writing Swift code to intercept HTTPS requests protected by SSL pinning:

    https://medium.com/@kennethpoon/lets-write-swift-code-to-intercept-ssl-pinning-https-requests-12446303cc9d


  • [ IoTDevice ]  Research on bypassing WPA2 protection on a home gateway:

    https://courk.cc/index.php/2018/06/01/a-remote-vulnerability/#Overflow_Exploitation


  • [ Language ]  List of PHP magic hashes beginning with 0e:

    https://pastebin.com/HZFQEKSY


  • [ Linux ]  How to use debugfs and nf hooks for remote code execution:

     https://nbulischeck.io/posts/misusing-debugfs-for-in-memory-rce


  • [ macOS ]  macOS High Sierra 10.13.5 security update contents:

     https://support.apple.com/en-gb/HT208849

    Safari 11.1.1 security update contents:

     https://support.apple.com/zh-cn/HT208854


  • [ MalwareAnalysis ]  Analysis of new techniques used by Satan Ransomware:

    https://www.alienvault.com/blogs/labs-research/satan-ransomware-spawns-new-methods-to-spread


  • [ MalwareAnalysis ]  Building a Malwarestein. Adapting and repurposing existing malware into new projects:

    https://speakerd.s3.amazonaws.com/presentations/ef1a7b2706954e86b78aeecbd546b779/Building_a_Malwarstein.pdf


  • [ MalwareAnalysis ]  McAfee's analysis of Operation GhostSecret, a campaign stealing data worldwide:

    https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-operation-ghostsecret-attack-seeks-to-steal-data-worldwide/


  • [ Network ]  Phishing protection: performance comparison of public DNS providers' security filters:

    https://medium.com/@nykolas.z/phishing-protection-comparing-dns-security-filters-9d5a09849b91


  • [ Others ]  Tricks for bypassing application whitelisting restrictions:

    https://snippets.cacher.io/snippet/cc4fe207c0bcc2779faf


  • [ Others ]  propagate: example of the PROPagate code injection technique:

    https://github.com/odzhan/propagate


  • [ Others ]  Trick for transferring files with the Whois command:

    https://twitter.com/i/web/status/1001985728342102017


  • [ Pentest ]  PowerShell: in-memory injection attack using CertUtil.exe:

     https://www.coalfire.com/The-Coalfire-Blog/May-2018/PowerShell-In-Memory-Injection-Using-CertUtil-exe


  • [ Popular Software ]  Git RCE vulnerability analysis and exploitation (CVE-2018-11235):

    1) https://atorralba.github.io/CVE-2018-11235/

    2) https://staaldraad.github.io/post/2018-06-03-cve-2018-11235-git-rce/


  • [ ReverseEngineering ]  Reverse engineering Ionic 3 applications:

     https://www.citadel.sh/blog/reverse-engineering-ionic-applications


  • [ ReverseEngineering ]  Reverse engineering the mobile game My Tamagotchi Forever:

    http://natashenka.ca/reversing-my-tamagotchi-forever-evolution/


  • [ Sandbox ]  Sandbox research Part 16: on symbols, the ApiSetSchema library, and other usable techniques:

    http://www.hexacorn.com/blog/2018/06/02/enter-sandbox-part-16-the-symbols-the-apisetschema-and-other-possible-future-evasions/


  • [ Tools ]  WinPwnage - a collection of Windows attack tools and techniques:

    https://github.com/rootm0s/WinPwnage


  • [ Tools ]  Windows-API-Hashing - example of obfuscating exported functions by hashing:

    https://github.com/LloydLabs/Windows-API-Hashing


  • [ Tools ]  otseca - open-source Linux security auditing tool for searching and exporting system configuration:

    https://github.com/trimstray/otseca


  • [ Tools ]  routersploit - exploitation framework for embedded devices:

    https://github.com/threat9/routersploit


  • [ Tools ]  maltrail - malicious traffic detection system:

    https://github.com/stamparm/maltrail


  • [ Tools ]  Binary analysis with Radare2:

      https://isc.sans.edu/diary/23723


  • [ Tools ]  Shadow-box - lightweight kernel protector, supporting page table isolation (PTI) in the Linux kernel:

    https://twitter.com/kkamagui1/status/1002947274454921218


  • [ Tools ]  superdump - tool for automated analysis of crash memory dumps:

    https://github.com/Dynatrace/superdump


  • [ Tools ]  xHook - PLT hook library for ELF on the Android platform:

    https://github.com/iqiyi/xHook


  • [ Tools ]  interestingFileScanner - BurpSuite plugin for scanning for sensitive file exposure:

    https://github.com/modzero/interestingFileScanner


  • [ Tools ]  scat - tool that dynamically analyzes binaries to retrieve function-related information:

     https://github.com/Frky/scat


  • [ Tools ]  diskover - file system search and analysis tool built on Elasticsearch:

    https://github.com/shirosaidev/diskover


  • [ Tools ]  MuddyWater-APT - detection indicators for MuddyWater APT:

    https://github.com/socprime/MuddyWater-APT


  • [ Vulnerability ]  Don't trust the PID: an introduction to logic vulnerabilities involving PID replacement:

    https://saelo.github.io/presentations/warcon18_dont_trust_the_pid.pdf


  • [ Web Security ]  Location-based XSS payloads, Part 1:

    https://brutelogic.com.br/blog/location-based-payloads-part-i/


  • [ Web Security ]  Context-based XSS exploitation:

    https://brutelogic.com.br/blog/transcending-context-based-filters/


  • [ Windows ]  Windows 10 DLL information site:

    http://windows10dll.nirsoft.net/index.html


  • [ Windows ]  Writing Windows socket-reuse shellcode:

    https://www.shelliscoming.com/2018/06/windows-reuse-shellcode-based-on.html


  • [ Windows ]  Introduction to the PROPagate code injection technique:

     https://medium.com/@0x6b64/background-abdddfdd59d2


  • [ Windows ]  Privilege escalation tricks using SCCM and Viewfinity:

     https://ninja.style/post/privesc/


  • [ Windows ]  Windows exploit development: SEH and ROP chain exploitation:

    http://blog.k3170makan.com/2018/06/windows-exploit-development-exploiting.html


  • [ WirelessSecurity ]  Establishing an interactive shell over Bluetooth:

     https://www.tarlogic.com/en/blog/interactive-shell-via-bluetooth/


  • [ WirelessSecurity ]  New tricks for wireless NICs: enhancing smartphone performance and security through Wi-Fi firmware modification (Paper):

    http://tuprints.ulb.tu-darmstadt.de/7243/


  • [ macOS ]  Quantified, visualized attack surface map of macOS drivers, from Proteas's weibo:

    https://weibo.com/1290630720/GjkzOtK2V?type=comment#_rnd1528089034088


* To search past pushes, use Google with the site keyword to restrict the search, e.g.: site:xuanwulab.github.io android fuzz

* View past pushes by day: https://xuanwulab.github.io/cn/secnews/2018/06/04/index.html

* Sina Weibo account: Tencent Xuanwu Lab (http://weibo.com/xuanwulab)


