Daily Security Digest (11-29)

Tencent Security Xuanwu Lab Daily News


• Exploring the restrictions of Runtime#exec from the JDK source code - FreeBuf Network Security Portal:
https://www.freebuf.com/vuls/350760.html

   ・ Explains in detail how JDK's Runtime.getRuntime().exec(String) works: the input string is first split on "\x20\t\n\r\f", and the resulting tokens are then used as the Process argv to execute the command. – Atum


• Be Careful with Python's New-Style String Format:
https://lucumr.pocoo.org/2016/12/29/careful-with-str-format/

   ・ If an attacker controls a Python format string, it can lead to information disclosure. – Atum


• [Tools] Introduction to MITRE ATT&CK - Featuring Version 12 (2022):
https://ahead.feedly.com/posts/introduction-to-mitre-attack-featuring-version-12-2022

   ・ New features in MITRE ATT&CK Version 12 – andreszeng


• [Tools] An End to KASLR Bypasses?:
https://windows-internals.com/an-end-to-kaslr-bypasses/

   ・ THREATINT_PROCESS_SYSCALL_USAGE: a new ETW event introduced in Windows 23H2 to mitigate vulnerability exploitation – andreszeng


• [Pentest, Tools] Reverse TCP Sock5 Proxy:
https://github.com/Coldzer0/ReverseSock5Proxy

   ・ A SOCKS5 reverse proxy tool – WireFisher


• [Browser] 2358 - Chrome: heap-use-after-free in blink::LocalFrameView::PerformLayout (incomplete fix for CVE-2022-3199) - project-zero:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2358

   ・ Details of the UAF vulnerability (CVE-2022-3654) in Chrome's Blink component, found by glazunov of Project Zero; it is a patch bypass caused by an incorrect fix for CVE-2022-3199. – P4nda


• The obstack structure:
https://tttang.com/archive/1845/

   ・ An IO_FILE-based exploitation chain for recent glibc versions – xmzyshypnc


• [Tools] Future features:
https://github.com/CoolerVoid/heap_detective

   ・ Taint-analysis-based static analysis applied to heap vulnerability detection – xmzyshypnc


• [Fuzzing, macOS] [Fuzzing with Jackalope] How to install jackalope and fuzz a simple program on MacOS:
https://youtu.be/rXbaHSXiCtg

   ・ Introduces the basic usage of Jackalope, fuzzing the sample program from Damn Vulnerable C Program – keenan


• Koxic ransomware spreading in South Korea:
https://paper.seebug.org/2027/

   ・ Analysis of the behavior of the Koxic ransomware – lanying37


• [Windows] GitHub - abusech/ThreatFox: Open IOC sharing platform:
https://github.com/abusech/ThreatFox

   ・ ThreatFox: an open-source threat intelligence sharing platform – andreszeng


• Hacking Smartwatches for Spear Phishing – Cybervelia | Cyber Security:
https://cybervelia.com/?p=1380

   ・ Attacking smartwatches to make them display custom content – WireFisher


• [Web, Vulnerability] r/netsec - Exploiting an N-day vBulletin PHP Object Injection Vulnerability:
https://www.reddit.com/r/netsec/comments/z5cql6/exploiting_an_nday_vbulletin_php_object_injection/

   ・ Exploiting an N-day object injection vulnerability in vBulletin to achieve arbitrary PHP code execution. – keenan


• [Pentest, Tools] OffSecOps: Using Jenkins For Red Team Tooling:
https://http418infosec.com/offsecops-using-jenkins-for-red-team-tooling/

   ・ Using Jenkins to automate the building of red team tooling – ArisXu


• [IoT] When an N-Day turns into a 0day. (Part 1 of 2):
https://github.com/b1ack0wl/vulnerability-write-ups/blob/master/TP-Link/WR940N/112022/Part1.md

   ・ Patch-based analysis and exploitation of an uninitialized-access vulnerability in a TP-Link device, which also finds other firmware versions still affected by the vulnerability. – P4nda


• [Tools] Kubeeye - Tool To Find Various Problems On Kubernetes, Such As Application Misconfiguration, Unhealthy Cluster Components And Node Problems:
http://www.kitploit.com/2022/11/kubeeye-tool-to-find-various-problems.html

   ・ Kubeeye, a Kubernetes vulnerability detection tool that can give remediation suggestions and supports customization. – keenan


* To view or search past digests, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security Digest (11-29)

Copyright notice: posted by admin on November 29, 2022 at 10:25 AM.
When reposting, please cite: Daily Security Digest (11-29) | CTF导航
