Today's digest: another round of targeted attacks in the Middle East, the LuminosityLink RAT resurfaces, attackers use fraudulent accounts and compromised legitimate businesses to deliver Hancitor malware, a universal XSS vulnerability in a Google Chrome widget, buffer overflow vulnerabilities in InfoZip Unzip that may lead to arbitrary code execution or DoS, command injection and stack overflow vulnerabilities in GeoVision IP cameras, a local file disclosure vulnerability in Marked2, file deletion and stack overflow vulnerabilities in the ASUS Asuswrt RT-AC68U router, analysis of several Joomla vulnerabilities, a series of articles on crash symbolication, Java deserialization vulnerabilities: the Xuantie Heavy Sword of CommonsCollection (part 2), using DNSMon to find domains injected with web-mining code at scale, the 2017 annual security report on application vulnerabilities, a $15,250 arbitrary account takeover vulnerability in Shopify, the iBoot source code leak, and more.

1、Targeted Attacks In The Middle East
http://blog.talosintelligence.com/2018/02/targeted-attacks-in-middle-east.html

2、Is the LuminosityLink RAT dead? Unit42 looks into details on LuminosityLink's prevalence and capabilities
https://researchcenter.paloaltonetworks.com/2018/02/unit42-rat-trapped-luminositylink-falls-foul-vermin-eradication-efforts/

3、More than malspam: Unit42 researches how attackers use fraudulent accounts and the compromised infrastructures of legitimate businesses to deliver Hancitor malware
https://researchcenter.paloaltonetworks.com/2018/02/unit42-compromised-servers-fraud-accounts-recent-hancitor-attacks/

4、Google Chrome Widget Universal XSS Vulnerability + exploit (CVE-2017-5006)
https://bugs.chromium.org/p/chromium/issues/detail?id=673170

5、ImageMagick GIF coder vulnerability leading to memory disclosure (CVE-2017-15277)
https://hackerone.com/reports/302885

6、Several buffer overflow vulnerabilities in InfoZip Unzip might lead to arbitrary code execution or DoS
https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html

7、Multiple vulnerabilities in GeoVision IP cameras: several exploitable command injections, plus several stack overflows for which no exploit is provided (but which are likely exploitable)
https://github.com/mcw0/PoC/blob/master/Geovision%20IP%20Camera%20Multiple%20Remote%20Command%20Execution%20-%20Multiple%20Stack%20Overflow%20-%20Double%20free%20-%20Unauthorized%20Access.txt

8、Local File Disclosure in Marked2 (CVE-2018-6806)
http://www.lynxsecurity.io/releases/Local%20File%20Disclosure%20in%20Marked2.pdf

9、ASUS Asuswrt RT-AC68U router: file deletion vulnerability and stack overflow
http://www.cnblogs.com/iamstudy/articles/Asuswrt_RT-AC68U_CVE-2018-6636_Detail.html

10、From patch to vulnerability analysis: notes from a Joomla vulnerability emergency response
https://paper.seebug.org/529/

11、Analysis of a targeted attack script against vBulletin forums
https://kylingit.com/blog/vbulletin-%E8%AE%BA%E5%9D%9B%E5%AE%9A%E5%90%91%E6%94%BB%E5%87%BB%E8%84%9A%E6%9C%AC%E5%88%86%E6%9E%90/

12、Hands-on with URL redirect vulnerabilities in Python's http.server and web.py
http://www.polaris-lab.com/index.php/archives/435/

13、Hands-on with command execution via a leaked Django SECRET_KEY
http://www.polaris-lab.com/index.php/archives/426/

14、SOP Bypass using rel="noreferrer"
https://datarift.blogspot.com/2018/02/sop-bypass-mozilla-quantum.html

15、A session fixation vulnerability in Tomcat (CVE-2015-5346), vulnerability report
https://www.dropbox.com/s/48v5dr7611mp1fk/Sina_Taghizadeh_CVE-2015-5346_Vuln_Report.pdf?dl=0

16、Crash symbolication, part 1: basic workflow and related commands
http://saitjr.com/ios/symbolicatecrash-1.html

17、Crash symbolication, part 2: a look at the symbolicatecrash source and how to optimize it
http://saitjr.com/ios/symbolicatecrash-2.html

18、Crash symbolication, part 3: Mach-O and atos
http://saitjr.com/ios/symbolicatecrash-3.html

19、Java deserialization vulnerabilities: the Xuantie Heavy Sword of CommonsCollection (part 2)
https://xianzhi.aliyun.com/forum/topic/2029

20、Hunting JSONP and CORS vulnerabilities
https://www.anquanke.com/post/id/97671

21、Writeup for pwnhub's last challenge before the Lunar New Year, "Blood Moon Returns"
https://www.secpulse.com/archives/68026.html

22、A nice introduction to modern XSS/CSRF attacks
https://tomnomnom.com/talks/advxss.pdf

23、Who is quietly stealing my power? Using DNSMon to discover domains injected with web-mining code at scale
https://blog.netlab.360.com/who-is-stealing-my-power-web-mining-domains-measurement-via-dnsmon/

24、Decrypting C&C traffic with Hypervisor based Inspection
https://www.joesecurity.org/blog/8342304298391739497

25、Study notes on capturing and reverse engineering login traffic
https://bbs.pediy.com/thread-224559.htm

26、How to fuzz GUI/GTK+ applications with American Fuzzy Lop (AFL)
http://blog.hyperiongray.com/fuzzing-gtk-programs-with-american-fuzzy-lop-afl/

27、Internals of AFL fuzzer - QEMU Instrumentation
https://tunnelshade.in/blog/2018/02/afl-internals-qemu-instrumentation/

28、2017 Annual Security Report: Application Vulnerabilities
https://cert.360.cn/static/files/2017%E5%B9%B4%E5%BA%A6%E5%AE%89%E5%85%A8%E6%8A%A5%E5%91%8A--%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E.pdf

29、Shopify: Ability to bypass partner email confirmation to take over any store given an employee email ($15,250)
https://hackerone.com/reports/300305

30、Taking over Facebook accounts using the Free Basics partner portal ($$$$$)
https://www.josipfranjkovic.com/blog/facebook-partners-portal-account-takeover

31、Reflected XSS To Account Takeover in Cozy Cloud
http://www.lynxsecurity.io/releases/XSS%20to%20Account%20Takeover%20in%20Cozy%20Cloud.pdf

Tool # ReelPhish: a two-factor phishing tool.
https://github.com/fireeye/ReelPhish

Tool # A list of open source verification and investigation tools and methods
https://docs.google.com/document/d/1BfLPJpRtyq4RFtHJoNpvWQjmGnyVkfE2HYoICKOGguA/edit

Tool # Leaked iBoot source code
https://github.com/ZioShiba/iBoot

Tool # StaCoAn is a cross-platform tool which helps developers, bug bounty hunters and ethical hackers perform static code analysis on mobile applications.
https://github.com/vincentcox/StaCoAn
