热点概要: WordPress REST API 内容注入分析 、 SMBv3拒绝服务0day(PoC) 、 gitlab 删库事故回顾、 linux漏洞利用建议工具、 Petya变种的恶意软件分析
国内热词(以下内容部分摘自http://www.solidot.org/):
Google将开源Google Earth Enterprise
Kernel.org宣布将关闭FTP服务器
特朗普总统令草案准备大改工作签证程序
开工大吉
资讯类:为了避免网络攻击干扰,荷兰政府宣布下个月选举所有选票手动计数
http://securityaffairs.co/wordpress/55906/intelligence/dutch-government-election.html
Zimperium开始悬赏Android 和 iPhone 的N day
http://www.zdnet.com/article/zimperium-launches-exploit-purchase-program-for-your-android-and-ios-devices/
数据泄漏类:250万Xbox和PlayStation游戏玩家信息泄漏
https://www.cnet.com/news/2-5-million-xbox-and-playstation-gamers-details-hacked/
技术类:配置DNS隧道进行防火墙绕过
https://www.stevencampbell.info/2017/02/configure-pentest-dropbox-dns-tunneling/
Thomson TWG870调制器后门漏洞分析
https://research.kudelskisecurity.com/2017/01/06/do-not-create-a-backdoor-use-your-providers-one/
MacOS内存中运行可执行文件
https://blog.cylance.com/running-executables-on-macos-from-memory
从pcap文件中或实时提取Credit card, NTLM, HTTP, SQL, LDAP, Kerberos, HTTP Basic, SNMP, POP, SMTP, FTP, IMAP信息
https://github.com/lgandx/PCredz
SMBv3拒绝服务0day(PoC)
https://github.com/lgandx/PoC/tree/master/SMBv3%20Tree%20Connect
Dlink DWR-932B 多个漏洞分析报告
https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html
https://pierrekim.github.io/blog/2017-02-02-update-dlink-dwr-932b-lte-routers-vulnerabilities.html
https://github.com/dyjakan/interpreter-bugs
gitlab 删库事故回顾
https://docs.google.com/document/d/1GCK53YDcBWQveod9kfzW-VCxIABGiryG7_z_6jHdVik/pub
Petya变种的恶意软件分析,它不仅锁定计算机还覆盖主引导记录
http://blog.fortinet.com/2017/02/01/ransomware-and-the-boot-process
Google Android - RKP EL1 Code Loading Bypass
https://bugs.chromium.org/p/project-zero/issues/detail?id=981
Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation
https://bugs.chromium.org/p/project-zero/issues/detail?id=980
WordPress REST API 内容注入分析
https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
https://gist.github.com/leonjza/2244eb15510a0687ed93160c623762ab
通过/proc在Illumos进行本地提权
http://benmmurphy.github.io/blog/2017/01/31/local-privilege-escalation-in-illumos-via-slash-proc/
CVE-2015-7547:glibc漏洞分析
http://zhodiac.hispahack.com/my-stuff/security/Glibc_vulnerability_CVE-2015-7547_and_Google.pdf
Mimikatz突破了新的微软的安全机制
https://onedrive.live.com/view.aspx?resid=A352EBC5934F0254!3316&ithint=file%2cpptx&app=PowerPoint
linux漏洞利用建议工具
https://github.com/mzet-/linux-exploit-suggester
Hackfest 2016所有视频