Tencent Security Xuanwu Lab Daily News
• CVE-2021-44228 (Apache Log4j Remote Code Execution):
https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce
・ Apache Log4j RCE (CVE-2021-44228) Exploit
– Jett
• Quick walkthrough of the log4j2 JNDI injection vulnerability:
https://lorexxar.cn/2021/12/10/log4j2-jndi/
・ Reproduction and analysis of the log4j2 JNDI injection vulnerability
– Jett
• [PDF] https://rp.os3.nl/2020-2021/p68/report.pdf:
https://rp.os3.nl/2020-2021/p68/report.pdf
・ Antivirus evasion by user mode unhooking on Windows 10
– Jett
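• GitHub – lcatro/qemu-fuzzer: Qemu Fuzzer. A fuzzing tool for Qemu emulated devices. The main idea is that the host generates seed data and passes it to a relay program in the guest, which then accesses MMIO to interact with the emulated device; this differs from the fuzzer that ships with qtest.: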
https://github.com/lcatro/qemu-fuzzer
・ A fuzzer for Qemu emulated devices
– Jett
• [Windows, Vulnerability, Tools] README.md:
https://github.com/cube0x0/noPac
・ Domain admin privilege escalation vulnerability (CVE-2021-42287/CVE-2021-42278) Scanner & Exploiter
– Jett
• Log4j2Scan:
https://github.com/whwlsfb/Log4j2Scan
・ Log4j2 RCE Passive Scanner plugin for BurpSuite
– Jett
• Resources:
https://github.com/RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs
・ Collection of source IPs (IOCs) of attacks exploiting the Apache Log4j RCE vulnerability
– Jett
• [Tools] active-scan-plus-plus/activeScan++.py at master · PortSwigger/active-scan-plus-plus:
https://github.com/PortSwigger/active-scan-plus-plus/blob/master/activeScan++.py
・ The Burp Suite ActiveScan++ plugin now also supports scanning for the log4j vulnerability
– Jett
• Exploit samAccountName spoofing with Kerberos:
https://cloudbrothers.info/en/exploit-kerberos-samaccountname-spoofing/
・ Exploit samAccountName spoofing with Kerberos (CVE-2021-42278, CVE-2021-42287)
– Jett
• Installation:
https://github.com/facebook/sapp
・ SAPP – a tool developed by Facebook for processing the analysis results of the static code analysis tool Pysa
– Jett
* To view or search past pushes, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (12-13)