Tencent Security Xuanwu Lab Daily News
• [macOS] Built-in macOS Security Tools:
https://www.huntress.com/blog/built-in-macos-security-tools
・ 一篇介绍macos自带安全机制的文章,讲的还是比较清楚。
– Atum
• [Vulnerability] HackerOne:
https://hackerone.com/reports/1820955
・ Node.js 的 undici 库存在 CRLF 注入漏洞
– WireFish
• GitHub – LloydLabs/ntqueueapcthreadex-ntdll-gadget-injection: This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.:
https://github.com/LloydLabs/ntqueueapcthreadex-ntdll-gadget-injection
・ 使用NtQueueApcThreadEx向windows进程注入任意shellcode,可以用于bypass部分终端安全检测
– Atum
• [Tools] Add a basic JavaScript-to-FuzzIL compiler · googleprojectzero/fuzzilli@807625f:
https://github.com/googleprojectzero/fuzzilli/commit/807625f0112df22bfe293aa4d36d67c31c4fb243
・ Fuzzilli新增了一个用于将js代码转换成Fuzzili IR的工具。
– P4nda
• [Tools] Misty’s Ghidra IDA like experience:
https://gist.github.com/NyaMisty/06e65d0f0268d456d9d086aee08952ee
・ 像使用IDA一样使用Ghidra的插件
– WireFish
• Vulnerability write-up – “Dangerous assumptions”:
https://www.codean.io/blog/vulnerability-write-up—%22dangerous-assumptions%22
・ 这篇文章以实际案例展示了盲目信任第三方API会导致导致一系列安全问题
– Atum
• [Reverse Engineering] Reverse Engineering The Apple Lightning Connector:
https://hackaday.com/2023/02/22/reverse-engineering-the-apple-lightning-connector/
・ 苹果Lightning接口通信协议的逆向工程分享视频,视频中还用到了chatGPT来猜测可能的协议
– ArisXu
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(2-24)
