Tencent Security Xuanwu Lab Daily News
• [Tools] Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD:
https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover
・ Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD
– Jett
• [Tools] Driver Buddy Reloaded:
https://voidsec.com/driver-buddy-reloaded/
・ An updated version of the Windows driver analysis tool
– LuYa
• [Tools] What Exactly Is a TTY?:
https://www.kawabangga.com/posts/4515
・ What exactly is a TTY?
– lanying37
• Killing bugs … one vulnerability report at a time:
https://www.rtcsec.com/article/killing-bugs-one-vulnerability-report-at-a-time/
・ Analysis of multiple vulnerabilities in the FreeSWITCH software switch
– Jett
• Hikvision Web Server Build 210702 – Command Injection:
http://dlvr.it/SBF4hW
・ Command injection vulnerability in the Hikvision Web Server
– LuYa
• [IoT] Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260):
https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html
・ Analysis of the Hikvision IP camera RCE vulnerability (CVE-2021-36260)
– Jett
• Overview of Bare-File Local File Inclusion in Docker PHP:
https://tttang.com/archive/1312/
・ Overview of bare-file local file inclusion in Docker PHP
– lanying37
• [Malware] [PDF] https://www.prodaft.com/m/reports/Solarmarker_TLPWHITEv2.pdf:
https://www.prodaft.com/m/reports/Solarmarker_TLPWHITEv2.pdf
・ Analysis report on the Solarmarker malware
– Jett
• [Tools, Malware] MalAPI.io:
https://malapi.io
・ MalAPI.io – a website that catalogs the APIs malware uses at different stages of execution
– Jett
• Exploiting Grandstream HT801 ATA (CVE-2021-37748, CVE-2021-37915):
https://www.secforce.com/blog/exploiting-grandstream-ht801-ata-cve-2021-37748-cve-2021-37915/
・ Analysis of an RCE vulnerability in the Grandstream HT801 telephone adapter
– Jett
• [Linux] Trick & Treat! Paying Leets and Sweets for Linux Kernel privescs and k8s escapes:
http://feedproxy.google.com/~r/GoogleOnlineSecurityBlog/~3/GK5RjuPTjd0/trick-treat-paying-leets-and-sweets-for.html
・ Google launches a 3-month reward program for Linux kernel privilege escalation vulnerabilities
– Jett
• [macOS] New ‘Shrootless’ Bug Could Let Attackers Install Rootkit on macOS Systems:
https://thehackernews.com/2021/10/new-shrootless-bug-could-let-attackers.html
・ Microsoft discovered a SIP bypass vulnerability in macOS, named Shrootless
– LuYa
• [Pentest] From Zero to Domain Admin:
https://thedfirreport.com/2021/11/01/from-zero-to-domain-admin/
・ From Zero to Domain Admin – analysis of a real-world attack in which the Zerologon vulnerability was used against a domain controller
– Jett
• [Exploit] GitHub – stong/how-to-exploit-a-double-free: How to exploit a double free vulnerability in 2021. ‘Use-After-Free for Dummies’:
https://github.com/stong/how-to-exploit-a-double-free
・ How to exploit a double free vulnerability in 2021
– Jett
* To view or search past digest entries, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account Tencent Xuanwu Lab: Daily Security News Digest (11-02)