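Today's digest: DDG.Mining.Botnet: a mining botnet targeting database servers; a Flash Player 0-day discovered in South Korea, with the patch not due until the 5th; two WebKit UAF vulnerabilities; iOS 11.1.2 privilege escalation details and tool; XSSI and DNS rebinding vulnerabilities in Hotspot Shield; in-depth analysis of CVE-2018-1045 MSA-18-0004; Finspy VM part 2: VM analysis and bytecode disassembly; Travel Frog cracking analysis, from memory to save file to package modification; research on format string vulnerabilities in Windows; NoSQL injection research; 2017 online fraud trends research report; global cloud service provider IP address analysis report; and more.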

1、DDG.Mining.Botnet: a mining botnet targeting database servers
http://blog.netlab.360.com/ddg-a-mining-botnet-aiming-at-database-server/

2、Flash Player Zero-Day Attack Published by Korean Messenger (in Korean)
http://blog.alyac.co.kr/1521

3、WebKit: use-after-free in WebCore::FrameView::clientToLayoutViewportPoint
https://bugs.chromium.org/p/project-zero/issues/detail?id=1465

4、WebKit: use-after-free in detachWrapper
https://bugs.chromium.org/p/project-zero/issues/detail?id=1477

5、Jailbreaking iOS 11.1.2 - An adventure into the XNU kernel
https://github.com/Coalfire-Research/iOS-11.1.2-15B202-Jailbreak/blob/master/iOS_jailbreak_writeup.pdf

Tool#iOS 11.1.2 (15B202) Jailbreak
https://github.com/Coalfire-Research/iOS-11.1.2-15B202-Jailbreak

7、Abusing XSSI and DNS rebinding to read sensitive information from Hotspot Shield (CVE-2018-6460)
http://www.paulosyibelo.com/2018/02/hotspot-shield-cve-2018-6460-sensitive.html

8、Android audioserver vulnerability
https://instasegv.wordpress.com/2018/02/01/android-audioserver-vulnerability/

9、In-depth analysis of CVE-2018-1045 MSA-18-0004
https://www.anquanke.com/post/id/96666

10、Finspy vm part 2: vm analysis and bytecode disassembly
http://www.msreverseengineering.com/blog/2018/1/31/finspy-vm-part-2-vm-analysis-and-bytecode-disassembly

11、Travel Frog cracking analysis: from memory to save file to package modification
https://weibo.com/ttarticle/p/show?id=2309404202675188174622

12、This research from SEC Consult about glaring security/privacy vulnerabilities in an entire line of Internet-connected sex toys is worth a read.
https://www.sec-consult.com/en/blog/2018/02/internet-of-dildos-a-long-way-to-a-vibrant-future-from-iot-to-iod/index.html

13、Exploiting Format Strings in Windows
https://osandamalith.com/2018/02/01/exploiting-format-strings-in-windows/

14、Vulnserver - my KSTET exploit (delivering the final stage shellcode through the active server socket)
https://ewilded.blogspot.com/2018/01/vulnserver-my-kstet-exploit-delivering.html

15、NoSQL injection research
https://mp.weixin.qq.com/s/tG874LNTIdiN7MPtO-hovA

16、2017 online fraud trends research report
http://www.4hou.com/technology/10183.html

17、Global cloud service provider IP address analysis report, 2H 2017
https://mp.weixin.qq.com/s?__biz=MzA4NDMzODY1MQ==&mid=2247483727&idx=1&sn=6e8de9e5e207094e07c709642229077a&chksm=9fe9f3fba89e7aed0efca33dd403161aac071bfc2f783540adb2eb22751a1a7a93a1174543b5&mpshare=1&scene=1&srcid=0201y50Z7oELr41Nwp5cOrYI

Tool#Secist_Applocker: a collection about Windows applocker bypass
https://github.com/demonsec666/Secist_Applocker

Tool#The X86 Encoder Decoder (XED) is a software library (and associated headers) for encoding and decoding X86 (IA32 and Intel64) instructions.
https://github.com/intelxed/xed

Tool#injectify: Perform advanced MiTM attacks on websites with ease.
https://github.com/samdenty99/injectify

Tool#Blocks Shodan IPs From Scanning Your Servers.
https://gist.github.com/jgamblin/2928d45730543fc7ef10cf56e5a980b0
