Tencent Security Xuanwu Lab Daily News
• Attacking Java RMI via SSRF:
https://blog.tneitzel.eu/posts/01-attacking-java-rmi-via-ssrf/
・ Attacking Java RMI via SSRF
– Jett
• Keylogging Across The Operating Systems – YouTube:
https://www.youtube.com/watch?v=g4ll7XKDJ4o
・ 跨平台的 Keylogging 实现,来自 GrimmCon 会议
– Jett
• [Tools] Tool Release – shouganaiyo-loader: A Tool to Force JVM Attaches:
https://research.nccgroup.com/2021/12/29/tool-release-shouganaiyo-loader-a-tool-to-force-jvm-attaches/
・ shouganaiyo-loader – 强制向 JVM 进程注入 Agent 的工具
– Jett
• Exploiting CVE-2021-44228 using PDFs as delivery channel – PoC:
https://github.com/eelyvy/log4jshell-pdf
・ 以 PDF 文件作为媒介触发 log4j CVE-2021-44228 漏洞
– Jett
• [Tools] Installation:
https://github.com/cdk-team/CDK
・ CDK – 一款为容器环境定制的渗透测试工具,在已攻陷的容器内部提供零依赖的常用命令及 PoC/EXP
– Jett
• Mariana Trench:
https://github.com/facebook/mariana-trench
・ Mariana Trench – Facebook 开源的一款 Android 静态漏洞扫描工具
– Jett
• +overview:
https://cyberweek.ae/2021/presentations/response-smuggling-pwning-http-1-1-connections/
・ Response Smuggling: Pwning HTTP/1.1 Connections
– Jett
• +overview:
https://cyberweek.ae/2021/presentations/hitb-lab-arm-iot-firmware-extraction-and-emulation-using-armx/
・ ARM IoT 固件提取以及基于 ARMX 的固件模拟,来自 Cyberweek 会议
– Jett
• Git stats:
https://github.com/ethereal-vx/Antivirus-Artifacts
・ 几款知名反病毒软件(Avira, BitDefender, F-Secure, MalwareBytes…)所 Hook 的 API 列表收集
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(12-31)