Tencent Security Xuanwu Lab Daily News
• [Windows] Access Denied:
https://www.akamai.com/blog/security/authentication-coercion-windows-server-service
・ Windows Server 服务 off-by-one 漏洞分析,结合 NTLM Relay 攻击可以实现域控远程代码执行
– Jett
• What You Need to Know About Linux Auditing:
https://goteleport.com/blog/linux-audit/
・ Linux 审计框架 auditd 分析
– Jett
• [Tools] [PDF] https://i.blackhat.com/USA-22/Wednesday/US-22-Forshaw-Taking-Kerberos-To-The-Next-Level.pdf:
https://i.blackhat.com/USA-22/Wednesday/US-22-Forshaw-Taking-Kerberos-To-The-Next-Level.pdf
・ Taking Kerberos To The Next Level,BlackHat USA 会议 James Forshaw 关于 Kerberos 认证的议题
– Jett
• Vulnerability in TikTok Android app could lead to one-click account hijacking:
https://www.microsoft.com/security/blog/2022/08/31/vulnerability-in-tiktok-android-app-could-lead-to-one-click-account-hijacking/
・ TikTok WebView 接口任意 URL 加载漏洞分析,可以实现 One-Click 账户劫持
– Jett
• guidovranken/cryptofuzz:
https://github.com/guidovranken/cryptofuzz
・ Cryptofuzz – 用于 Fuzz 加密库的工具
– Jett
• Network Relaying Abuse in a Windows Domain – Nettitude Labs:
https://labs.nettitude.com/blog/network-relaying-abuse-windows-domain/
・ Network Relaying Abuse in a Windows Domain
– Jett
• Discovering Domains via a Time-Correlation Attack on Certificate Transparency:
https://swarm.ptsecurity.com/discovering-domains-via-a-time-correlation-attack/
・ 利用证书 Certificate Transparency 的时间关联攻击枚举同一台服务器上架设的域名
– Jett
• 浅析路由器WEB服务架构:
https://tttang.com/archive/1719/
・ 浅析路由器WEB服务架构
– lanying37
• What’s the Debugger Data Model? (And Why?):
https://www.timdbg.com/posts/whats-the-data-model/
・ WinDBG Debugger Data Model
– Jett
• NCC Con Europe 2022 – Pwn2Own Austin Presentations:
https://research.nccgroup.com/2022/08/30/ncc-con-europe-2022-pwn2own-austin-presentations/
・ NCC 研究员参加 Pwn2Own Austin 2021 比赛攻破路由器、NAS、打印机的技术细节分享
– Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(09-01)
