每日安全动态推送(12-13)

渗透技巧 2年前 (2021) admin

929 0 0

Tencent Security Xuanwu Lab Daily News

• CVE-2021-44228(Apache Log4j Remote Code Execution）:
https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce

・ Apache Log4j RCE（CVE-2021-44228）Exploit – Jett

• log4j2 JNDI注入漏洞速通~:
https://lorexxar.cn/2021/12/10/log4j2-jndi/

・ log4j2 JNDI 注入漏洞的复现和分析 – Jett

• [PDF] https://rp.os3.nl/2020-2021/p68/report.pdf:
https://rp.os3.nl/2020-2021/p68/report.pdf

・ Antivirus evasion by user mode unhooking on Windows 10 – Jett

• GitHub – lcatro/qemu-fuzzer: Qemu Fuzzer.针对Qemu模拟设备的模糊测试工具,主要思路是Host生成种子Data,然后传递给Guest中转程序,由中转程序访问MMIO,以达到和模拟设备的交互,不同于qtest自带的fuzzer.:
https://github.com/lcatro/qemu-fuzzer

・针对 Qemu 模拟设备的 Fuzzer – Jett

• [Windows, Vulnerability, Tools] README.md:
https://github.com/cube0x0/noPac

・域控管理员提权漏洞（CVE-2021-42287/CVE-2021-42278） Scanner & Exploiter – Jett

• Log4j2Scan:
https://github.com/whwlsfb/Log4j2Scan

・ Log4j2 RCE Passive Scanner plugin for BurpSuite – Jett

• Resources:
https://github.com/RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs

・使用 Apache Log4j RCE 漏洞发起攻击的源 IP 收集（IOC） – Jett

• [Tools] active-scan-plus-plus/activeScan++.py at master · PortSwigger/active-scan-plus-plus:
https://github.com/PortSwigger/active-scan-plus-plus/blob/master/activeScan++.py

・ Burp Suite ActiveScan++ 插件也支持扫描 log4j 漏洞了 – Jett

• Exploit samAccountName spoofing with Kerberos:
https://cloudbrothers.info/en/exploit-kerberos-samaccountname-spoofing/

・ Exploit samAccountName spoofing with Kerberos（CVE-2021-42278，CVE-2021-42287） – Jett

• Installation:
https://github.com/facebook/sapp