Daily Security News Push (06-27)

Penetration Techniques, 2 years ago (2022), admin
Tencent Security Xuanwu Lab Daily News


• [Tools] [RFC] A DataFlow Analysis Framework:
https://discourse.llvm.org/t/rfc-a-dataflow-analysis-framework/63340

   ・ [RFC] A DataFlow Analysis Framework – lanying37


• Git stats:
https://github.com/emredavut/Chrome-Android-and-Windows-0day-RCE-SBX

   ・ PoC for the Chrome vulnerability (Windows + Android) that a North Korean APT group used to compromise security researchers – Jett


• [Tools] r/netsec – fuzzuli is a fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.:
https://www.reddit.com/r/netsec/comments/viteij/fuzzuli_is_a_fuzzing_tool_that_aims_to_find/

   ・ fuzzuli – a tool that scans web services for backup files based on a wordlist – Jett


• [Pentest] GitHub – Ignitetechnologies/MSSQL-Pentest-Cheatsheet:
https://github.com/Ignitetechnologies/MSSQL-Pentest-Cheatsheet

   ・ MSSQL penetration testing handbook – Jett


• There Is More Than One Way to Sleep: Dive Deep Into the Implementations of API Hammering by Various Malware Families:
https://unit42.paloaltonetworks.com/api-hammering-malware-families/

   ・ The Zloader malware uses API hammering to implement sleep and to detect the presence of a sandbox environment – Jett


• [Tools] GitHub – optiv/Mangle: Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs:
https://github.com/optiv/Mangle

   ・ Mangle – modifies strings and other characteristics of PE and DLL files to evade EDR detection – Jett


• GitHub – trganda/CVE-2022-22980: Poc of CVE-2022-22980:
https://github.com/trganda/CVE-2022-22980

   ・ PoC for CVE-2022-22980, the SpEL expression injection vulnerability in VMware Spring Data MongoDB – Jett


• Develop Your Own Rat:
https://docs.google.com/presentation/d/1UZmFo_TvSS2TvPJKlDjIW1kTVjYGGaYO86Buh2UgbaI/mobilepresent?slide=id.g11cdb36f978_1_129

   ・ EDR & AV Defence: remote-control RAT development and EDR defence – Jett


• Microsoft Dynamics Container Sandbox RCE via Unauthenticated Docker Remote API 20,000$ Bounty:
https://hencohen10.medium.com/microsoft-dynamics-container-sandbox-rce-via-unauthenticated-docker-remote-api-20-000-bounty-7f726340a93b

   ・ Achieving Microsoft Dynamics Container Sandbox RCE through a Docker Remote API exposed by misconfiguration – Jett


• Finding Running RPC Server Information with NtObjectManager:
https://www.tiraniddo.dev/2022/06/finding-running-rpc-server-information.html

   ・ Using NtObjectManager to discover information about running RPC servers – Jett


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (06-27)

Copyright notice: posted by admin on June 27, 2022 at 12:12 PM.
When reposting, please credit: Daily Security News Push (06-27) | CTF导航
