Daily Security News Push (11-02)

Penetration Techniques · 3 years ago (2021) · admin
Tencent Security Xuanwu Lab Daily News


• [Tools] Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD:
https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover

   ・ Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD – Jett


• [Tools] Driver Buddy Reloaded:
https://voidsec.com/driver-buddy-reloaded/

   ・ An updated version of the Windows driver analysis tool – LuYa


• [Tools] What exactly is a TTY?:
https://www.kawabangga.com/posts/4515

   ・ What exactly is a TTY? – lanying37


• Killing bugs … one vulnerability report at a time:
https://www.rtcsec.com/article/killing-bugs-one-vulnerability-report-at-a-time/

   ・ Analysis of multiple vulnerabilities in the FreeSWITCH softswitch – Jett


• Hikvision Web Server Build 210702 – Command Injection:
http://dlvr.it/SBF4hW

   ・ Command injection vulnerability in the Hikvision web server – LuYa


• [IoT] Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260):
https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html

   ・ Analysis of the Hikvision IP camera RCE vulnerability (CVE-2021-36260) – Jett


• A survey of bare-file local file inclusion in Docker PHP:
https://tttang.com/archive/1312/

   ・ A survey of bare-file local file inclusion in Docker PHP – lanying37


• [Malware] [PDF] https://www.prodaft.com/m/reports/Solarmarker_TLPWHITEv2.pdf:
https://www.prodaft.com/m/reports/Solarmarker_TLPWHITEv2.pdf

   ・ Analysis report on the Solarmarker malware – Jett


• [Tools, Malware] MalAPI.io:
https://malapi.io

   ・ MalAPI.io – a website that catalogues the APIs malware uses at different stages of execution – Jett


• Exploiting Grandstream HT801 ATA (CVE-2021-37748, CVE-2021-37915):
https://www.secforce.com/blog/exploiting-grandstream-ht801-ata-cve-2021-37748-cve-2021-37915/

   ・ Analysis of RCE vulnerabilities in the Grandstream HT801 telephone adapter – Jett


• [Linux] Trick & Treat! Paying Leets and Sweets for Linux Kernel privescs and k8s escapes:
http://feedproxy.google.com/~r/GoogleOnlineSecurityBlog/~3/GK5RjuPTjd0/trick-treat-paying-leets-and-sweets-for.html

   ・ Google launches a three-month reward program for Linux kernel privilege escalation vulnerabilities – Jett


• [macOS] New ‘Shrootless’ Bug Could Let Attackers Install Rootkit on macOS Systems:
https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html

   ・ Microsoft discovered a macOS vulnerability that bypasses SIP, named Shrootless – LuYa


• [Pentest] From Zero to Domain Admin:
https://thedfirreport.com/2021/11/01/from-zero-to-domain-admin/

   ・ From Zero to Domain Admin – analysis of a real-world attack that used the Zerologon vulnerability against a domain controller – Jett


• [Exploit] GitHub – stong/how-to-exploit-a-double-free: How to exploit a double free vulnerability in 2021. ‘Use-After-Free for Dummies’:
https://github.com/stong/how-to-exploit-a-double-free

   ・ How to exploit a double free vulnerability in 2021 – Jett


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (11-02)

Copyright notice: posted by admin on November 2, 2021 at 4:08 AM.
When reposting, please credit: Daily Security News Push (11-02) | CTF导航
