Today's digest: hackers use social engineering to trick Facebook users into downloading an APT tool disguised as Kik Messenger; the Chinese Avzhan DDoS botnet is spotted again; OMG: a Mirai-based botnet turns IoT devices into proxy servers; OilRig uses ThreeDollars to deliver a new trojan; Who is stealing my power (III): a case study of an online ad-network company; remote code execution vulnerability in Google ChromeOS printer Zeroconf; analysis of a pwn2own WebKit exploit; multiple vulnerabilities in Trend Micro Email Encryption Gateway; privilege escalation / denial of service vulnerability in NoMachine; remote code execution vulnerability in the Tenda AC15 router; analysis of a series of ASUS router vulnerabilities; ASLR bypass and protection techniques on Linux; stealing sensitive content via CSS attacks (2012); from heap to RIP: code execution from pure glibc heap mechanics; XXE 0-day in HP Project and Portfolio Management Center; remote code execution in IDA by double-clicking a string; two interesting micropatches for 7-Zip; analysis of a Mozilla Rhino deserialization vulnerability PoC; a few small tricks for attacking LNMP-stack web applications; an APT event collection and classification; some Facebook bug bounty write-ups; and more.

There is a lot of content today; we recommend reading all of it.

1、Social engineering used to trick Facebook users into downloading Advanced Persistent Threat disguised as Kik Messenger app.
https://blog.avast.com/avast-tracks-down-tempting-cedar-spyware

2、Avzhan DDoS bot dropped by Chinese drive-by attack
https://blog.malwarebytes.com/threat-analysis/2018/02/avzhan-ddos-bot-dropped-by-chinese-drive-by-attack/

3、OMG: Mirai-based Bot Turns IoT Devices into Proxy Servers
https://www.fortinet.com/blog/threat-research/omg--mirai-based-bot-turns-iot-devices-into-proxy-servers.html

4、OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan
https://researchcenter.paloaltonetworks.com/2018/02/unit42-oopsie-oilrig-uses-threedollars-deliver-new-trojan/

5、Malicious RTF document leading to NetwiredRC and Quasar RAT
https://www.zscaler.com/blogs/research/malicious-rtf-document-leading-netwiredrc-and-quasar-rat

6、Cybercriminals exploited Telegram flaw to launch multipurpose attacks.
https://securelist.com/zero-day-vulnerability-in-telegram/83800/

7、Who is stealing my power (III): a case study of an online ad-network company
https://blog.netlab.360.com/who-is-stealing-my-power-iii-an-adnetwork-company-case-study/

8、Google ChromeOS Printer Zeroconf Remote Code Execution Vulnerability (CVE-2017-15400)
https://bugs.chromium.org/p/chromium/issues/detail?id=777215

9、pushing webkit's buttons with a mobile pwn2own exploit
https://www.zerodayinitiative.com/blog/2018/2/12/pushing-webkits-buttons-with-a-mobile-pwn2own-exploit

10、mobile pwn2own 2017: A quick PoC for Google Chrome V8 Function Deoptimization Isolate Control Vulnerability
https://bugs.chromium.org/p/chromium/issues/detail?id=780402&desc=2

11、Trend Micro Email Encryption Gateway Multiple Vulnerabilities
https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities

12、Babies and the Internet: when baby monitors are no longer safe
https://www.anquanke.com/post/id/98782

13、The Road to NoMachine privilege escalation or denial of service (CVE-2018-6947)
https://www.fidusinfosec.com/nomachine-road-code-execution-without-fuzzing-cve-2018-6947/

14、remote code execution (cve-2018-5767) walkthrough on tenda ac15 router
https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/

15、A series of ASUS router vulnerabilities
http://sploit.tech/

16、New bypass and protection techniques for ASLR on Linux
http://blog.ptsecurity.com/2018/02/new-bypass-and-protection-techniques.html

17、Scriptless Attacks - Stealing the Pie without touching the Sill (2012)
https://www.nds.rub.de/media/emma/veroeffentlichungen/2012/08/16/scriptlessAttacks-ccs2012.pdf

18、From heap to RIP: getting code execution from pure glibc heap mechanics
http://blog.frizn.fr/glibc/glibc-heap-to-rip

19、Hiding in plain sight: XXE Zeroday In HP Project and Portfolio Management Center Application
https://rhinosecuritylabs.com/application-security/xxe-zeroday-vulnerability-in-hp-project/

20、Remote Code Execution in IDA by double clicking string
http://riscy.business/2018/02/ida-remote-execution/

21、Two Interesting Micropatches For 7-Zip (CVE-2017-17969 and CVE-2018-5996)
https://0patch.blogspot.hk/2018/02/two-interesting-micropatches-for-7-zip.html

22、Analysis of a Mozilla Rhino deserialization vulnerability PoC
https://mp.weixin.qq.com/s/qm3mS78r43IIOHgZ-6YyGw

23、Analysing the TIM 2.0 QQ message-recall feature with x64dbg
https://www.anquanke.com/post/id/98498

24、Java code audit of a car-rental system
http://www.freebuf.com/articles/web/162910.html

25、zzcms 8.2 arbitrary user password reset & time-based blind SQL injection in del.php
http://www.cnblogs.com/ak47boom/p/8449120.html

26、Finecms SQL injection vulnerability (CVE-2018-6893)
https://xianzhi.aliyun.com/forum/topic/2050

27、How to modify the QQ installer to bypass QQ voice red-packet verification and claim red packets
http://www.freebuf.com/articles/terminal/162936.html

28、A fileless backdoor technique on Linux
https://kevien.github.io/2018/02/20/linux%E4%B8%80%E7%A7%8D%E6%97%A0%E6%96%87%E4%BB%B6%E5%90%8E%E9%97%A8%E6%8A%80%E5%B7%A7/

29、A few small tricks for attacking LNMP-stack web applications
https://www.leavesongs.com/PENETRATION/some-tricks-of-attacking-lnmp-web-application.html

30、Logs injection or why is logs tailing unsafe
https://disconnect3d.pl/2018/02/24/log-injection-aka-tailing-logs-is-unsafe/

31、Middleware security: an overview of Tomcat security testing
https://mp.weixin.qq.com/s/_-AtrbMNROUFRbaime3NrA

32、Java deserialization vulnerabilities, from beginner to in-depth
https://mp.weixin.qq.com/s/nNTw3HMnkX63d9ybdx3USQ

33、The Windows 10 TH2 INT 2E mystery
http://blog.amossys.fr/windows10_TH2_int2E_mystery.html

34、.Net over .net – Breaking the Boundaries of the .Net Framework
https://jimshaver.net/2018/02/22/net-over-net-breaking-the-boundaries-of-the-net-framework/

35、LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE
http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2018/02/ndss2018_02A-3_Hussain_paper.pdf

36、APT event collection and classification
http://apt.threattracking.com

37、Team on-site AWD contest write-up & Beescms V4.0 code audit
https://www.anquanke.com/post/id/98574

38、H1-202 CTF - Writeup(Android Reverse Engineering & Web Exploitation)
https://pwning.re/2018/02/23/h1-202-writeup/

39、How I Identified 93k Domain-Frontable CloudFront Domains
https://www.peew.pw/blog/2018/2/22/how-i-identified-93k-domain-frontable-cloudfront-domains

40、Persistent DOM-based XSS in help.twitter.com via localStorage
https://hackerone.com/reports/297968

41、Hacking Tinder Accounts using Facebook Accountkit
https://medium.com/appsecure/hacking-tinder-accounts-using-facebook-accountkit-d5cc813340d1

42、Some nice Facebook write-ups
https://medium.com/@maxpasqua

Tool #CSS-Keylogging: Chrome extension and Express server that exploits keylogging abilities of CSS.
https://github.com/maxchehab/CSS-Keylogging

Tool #EvilOSX: A pure Python, post-exploitation RAT (Remote Administration Tool) for macOS / OS X.
https://github.com/Marten4n6/EvilOSX

Tool #gitleaks: Searches full repo history for secrets and keys
https://github.com/zricethezav/gitleaks

Tool #FiOS: new iOS pentesting tool based on fridadotre
https://github.com/snooze6/FiOS

Tool #malware.one: a binary substring searchable malware catalog containing terabytes of malicious code.
https://malware.one/index.php?action=login

Tool #UniByAv: a simple obfuscator that takes raw shellcode and generates executables that are Anti-Virus friendly.
https://github.com/Mr-Un1k0d3r/UniByAv

Tool #Stryker: It uses the CPU-Z internal driver (version 1.41, as per CVE-2017-15303) to read/write physical memory and read CPU control registers.
https://github.com/hfiref0x/Stryker

Tool #SubDomainSniper 1.1 (Chinese/English edition): an enterprise asset discovery tool for subdomain collection
https://xianzhi.aliyun.com/forum/topic/2051
