Daily Security News Push (08-23)

Penetration Techniques, 2 years ago (2022), admin
Tencent Security Xuanwu Lab Daily News


• Debugger Lies: Stack Corruption:
https://www.timdbg.com/posts/debugger-lies-part-1/

   ・ Debugger Lies: Stack Corruption  – Jett


• Investigating .NET CLR Usage Log Tampering Techniques For EDR Evasion (Part 2):
https://bohops.com/2022/08/22/investigating-net-clr-usage-log-tampering-techniques-for-edr-evasion-part-2/

   ・ Tampering with the .NET CLR Usage Log to evade EDR detection – Jett


• GitHub – 0vercl0k/paracosme: Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64.:
https://github.com/0vercl0k/paracosme

   ・ Paracosme – details of how a Pwn2Own researcher used a zero-click RCE vulnerability to compromise the ICONICS Genesis64 industrial control software – Jett


• Applying the USMA-based approach for writing generic kernel exploits to CVE-2022-34918:
https://tttang.com/archive/1706/

   ・ Applying the USMA-based approach for writing generic kernel exploits to CVE-2022-34918 – lanying37


• Generate symbol file for linux kernel debugging:
https://github.com/therealdreg/bochs_linux_kernel_debugging

   ・ A tool for Bochs-based Linux kernel debugging – Jett


• [PDF] https://media.defcon.org/DEF%20CON%2030/DEF%20CON%2030%20presentations/stacksmashing%20-%20The%20hitchhackers%20guide%20to%20iPhone%20Lightning%20%20%20JTAG%20hacking.pdf:
https://media.defcon.org/DEF%20CON%2030/DEF%20CON%2030%20presentations/stacksmashing%20-%20The%20hitchhackers%20guide%20to%20iPhone%20Lightning%20%20%20JTAG%20hacking.pdf

   ・ iPhone Lightning & JTAG hacking, from the DEF CON conference – Jett


• [Tools] P1sec/QCSuper:
https://github.com/P1sec/QCSuper

   ・ QCSuper – a tool for communicating with Qualcomm-based phones, with support for capturing 2G/3G/4G radio frames – Jett


• An RCE journey that began with a chance encounter with Flarum:
https://paper.seebug.org/1946/

   ・ Hunting for an RCE vulnerability in the Flarum forum admin panel – Jett


• GitHub – fullstorydev/grpcurl: Like cURL, but for gRPC: Command-line tool for interacting with gRPC servers:
https://github.com/fullstorydev/grpcurl

   ・ grpcurl – a curl-like command-line tool for interacting with gRPC services – Jett


• BlackINT3/OpenArk:
https://github.com/BlackINT3/OpenArk

   ・ OpenArk – an open-source anti-rootkit tool for Windows – Jett


• Research on Chrome sandbox bypass:
https://mp.weixin.qq.com/s/gqH0lqz1ey6IzT–UD9Jsg

   ・ Research on Chrome sandbox bypass based on Mojo IPC – Jett


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (08-23)

Copyright notice: posted by admin on August 23, 2022, at 10:54 AM.
When reposting, please credit: Daily Security News Push (08-23) | CTF导航
