Tencent Security Xuanwu Lab Daily News
• C your data structures with rellic-headergen:
https://blog.trailofbits.com/2022/01/19/c-your-data-structures-with-rellic-headergen/
・ rellic-headergen – Trail of Bits 开源了一个用于分析字节码,还原 C 数据结构关联的工具
– Jett
• GitHub – modzero/MZ-21-02-Trendmicro: Critical Vulnerabilities in Trend Micro Deep Security Agent for Linux:
https://github.com/modzero/MZ-21-02-Trendmicro
・ 趋势科技 Deep Security Agent Linux 版本 root 提权漏洞 PoC
– Jett
• Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike:
https://news.sophos.com/en-us/2022/01/19/zloader-installs-remote-access-backdoors-and-delivers-cobalt-strike/
・ Zloader 木马近期功能更新,运行时会安装 VNC 以及 Cobalt Strike
– Jett
• [Windows] CVE-2021-31956:
https://bbs.pediy.com/thread-271140.htm
・ CVE-2021-31956漏洞分析与利用.
– lanying37
• Fuzzware:
https://github.com/fuzzware-fuzzer/fuzzware
・ Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing
– Jett
• [Tools] CryptoLyzer: A comprehensive cryptographic settings analyzer:
https://pfeifferszilard.hu/2021/12/27/cryptolyzer-a-comprehensive-cryptographic-settings-analyzer.html
・ CryptoLyzer – 自动化分析 SSL/TLS, SSH 协议相关加密配置属性的工具
– Jett
• [Browser, Web] [PDF] https://arxiv.org/pdf/2112.15561.pdf:
https://arxiv.org/pdf/2112.15561.pdf
・ SOK: On the Analysis of Web Browser Security
– Jett
• CVE-2021-22204 GitLab RCE之exiftool代码执行漏洞深入分析(二):
http://blog.topsec.com.cn/cve-2021-22204-gitlab-rce%e4%b9%8bexiftool%e4%bb%a3%e7%a0%81%e6%89%a7%e8%a1%8c%e6%bc%8f%e6%b4%9e%e6%b7%b1%e5%85%a5%e5%88%86%e6%9e%90%ef%bc%88%e4%ba%8c%ef%bc%89/
・ CVE-2021-22204 GitLab RCE之exiftool代码执行漏洞深入分析(二)
– lanying37
• ?? The ace(r) up your sleeve!:
https://aptw.tf/2022/01/20/acer-care-center-privesc.html
・ 宏基电脑在 Windows 系统安装的 Acer Care Center 被发现本地提权漏洞
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(01-20)