Tencent Security Xuanwu Lab Daily News
• Mover_Final_Report.pdf:https://github.com/viaMover/contract-audit-reports/blob/main/Mover_Final_Report.pdf
・ Audit report for the Mover contracts; it reports one high-severity and one medium-severity vulnerability.
– keenan
• [Pentest] Home Grown Red Team: Lateral Movement With Havoc C2 And Microsoft EDR:
https://link.medium.com/7GwUnFncZub
・ Hands-on lateral movement with Havoc C2 while bypassing Defender for Endpoint.
– andreszeng
• [Tools] Overview:
https://github.com/Sentinel-One/peafl64
・ peafl64: a static instrumentation tool for 64-bit Windows PE files, intended for fuzzing.
– andreszeng
・ Reference on the details of Windows exploit mitigations.
– andreszeng
• [Tools] Pointer compression in Oilpan:
https://v8.dev/blog/oilpan-pointer-compression
・ The Chrome team has enabled pointer compression in Oilpan to improve performance.
– keenan
• Emotet Strikes Again – LNK File Leads to Domain Wide Ransomware – The DFIR Report:
https://thedfirreport.com/2022/11/28/emotet-strikes-again-lnk-file-leads-to-domain-wide-ransomware/
・ A ransomware intrusion that started from an LNK file and spread across the whole domain.
– xmzyshypnc
• [Tools] r/ReverseEngineering – Heap_detective is an open-source static analysis tool that finds pitfalls in heap memory usage in C and C++.:
https://www.reddit.com/r/ReverseEngineering/comments/z6lb16/heap_detective_is_an_opensource_static_analysis/
・ A taint-analysis-based static detection tool for heap vulnerabilities in C/C++ code.
– P4nda
• [Vulnerability] GCC undefined behaviors are getting wild : programming:
https://www.reddit.com/r/programming/comments/z6f0ae/gcc_undefined_behaviors_are_getting_wild/
・ The way GCC 12.2.0 on x86-64 handles undefined behaviour can turn a seemingly harmless signed integer overflow into a dangerous bug.
– ArisXu
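The pitfall behind the item above, as an added example that is not code from the linked thread: a signed-overflow check written as `off + n >= off` relies on wraparound, which is undefined behaviour, so the compiler may assume it never happens and drop the test, leaving only the length comparison that a wrapped negative sum passes. The hardened form asks the compiler for the carry explicitly with `__builtin_add_overflow`. The buffer size and the function names are assumptions made for the example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added illustration; buffer size and helper names are assumptions. */
#define BUF_LEN 64
static unsigned char buf[BUF_LEN];

/* Naive bounds check. The sub-expression `off + n >= off` is meant to catch
 * wraparound, but signed overflow is undefined behaviour, so a conforming
 * optimiser may fold that test to `true` and keep only `off + n <= BUF_LEN`,
 * which a wrapped negative sum satisfies. Its result for huge n is therefore
 * compiler- and flag-dependent: do not rely on it. */
bool in_bounds_naive(int off, int n)
{
    if (off < 0 || n < 0)
        return false;
    return off + n <= BUF_LEN && off + n >= off;   /* second test may be deleted */
}

/* Hardened check: detect the overflow before comparing, using the
 * GCC/Clang builtin, which never invokes undefined behaviour. */
bool in_bounds_checked(int off, int n)
{
    int end;
    if (off < 0 || n < 0)
        return false;
    if (__builtin_add_overflow(off, n, &end))   /* sum wrapped: reject */
        return false;
    return end <= BUF_LEN;
}

/* Copy n bytes into buf at offset off using the hardened check.
 * Returns the number of bytes written, or -1 if the range is rejected. */
int write_at(int off, const unsigned char *src, int n)
{
    if (!in_bounds_checked(off, n))
        return -1;
    memcpy(buf + off, src, (size_t)n);
    return n;
}

int main(void)
{
    const unsigned char payload[3] = { 'a', 'b', 'c' };
    /* Constructed inputs: an in-range write, an out-of-range write, and an
     * overflowing length of the kind the naive check may wave through. */
    printf("write_at(0, 3)        -> %d\n", write_at(0, payload, 3));
    printf("write_at(62, 3)       -> %d\n", write_at(62, payload, 3));
    printf("checked(10, INT_MAX)  -> %d\n", in_bounds_checked(10, INT_MAX));
    printf("naive(10, INT_MAX)    -> %d (compiler-dependent)\n",
           in_bounds_naive(10, INT_MAX));
    return 0;
}
```

Building with `-fsanitize=undefined` or `-ftrapv` makes the overflow in the naive version abort at run time instead of being silently optimised; `-fwrapv` forces wraparound semantics but changes the meaning of every signed expression in the translation unit, so the explicit builtin is the portable fix.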
• [Windows] Dynamic Analysis of Windows Exploit Mitigations — Import Address Filtering.:
https://wambui-ngige.medium.com/dynamic-analysis-of-windows-exploit-mitigations-import-address-filtering-16fc28029529
・ Dynamic analysis of Windows exploit mitigations: Import Address Filtering.
– WireFisher
• YApi <1.12.0 remote command execution vulnerability:
https://paper.seebug.org/2028/
・ Analysis of the YApi remote command execution vulnerability; the article also provides a command-line scanner, scalpel.
– ArisXu
• [Web] Researchers Detail AppSync Cross-Tenant Vulnerability in Amazon Web Services:
https://thehackernews.com/2022/11/researchers-detail-appsync-cross-tenant.html
・ Details of the confused-deputy vulnerability in AWS AppSync, which allowed a malicious tenant to use AppSync to access other tenants' resources.
– Atum
• [iOS] Researcher released the technical details for CVE-2022-32898 in iOS 16:
https://securityonline.info/researcher-released-the-technical-details-for-cve-2022-32898-in-ios-16/
・ Analysis of an iOS 16 kernel memory corruption vulnerability that can be triggered directly from the default app sandbox.
– WireFisher
* To view or search past digests, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Digest (11-30)