2017-06-27 10:28:59
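Source: 安全客 (Anquanke)
Author: adlab_puky
Highlights: an ffmpeg information disclosure vulnerability (project, examples, and paper); log-based security auditing in practice with Graylog; Python security: from SSRF to a command execution disaster; CVE-2017-6920: Drupal remote code execution vulnerability analysis and PoC construction; watering-hole attacks based on typosquatted domains in practice; bypassing WAF without numbers and letters (PHP); IBM DB2 command line processor buffer overflow; detecting attack activity with Sysinternals Sysmon and PowerShell logs; the current state of malicious hypervisors and how to identify them
News:
Another RCE vulnerability patched in the Microsoft Malware Protection Engine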
https://threatpost.com/another-rce-vulnerability-patched-in-microsoft-malware-protection-engine/126536/
Technical:
An ffmpeg information disclosure vulnerability: project, examples, and paper
https://hackerone.com/reports/243470
https://github.com/neex/ffmpeg-avi-m3u-xbin/
https://docs.google.com/presentation/d/1yqWy_aE3dQNXAhW8kxMxRqtP7qMHaIfMzUDpEqFneos/edit
Log-based security auditing in practice with Graylog
http://bobao.360.cn/learning/detail/4025.html
Python security: from SSRF to a command execution disaster
https://www.leavesongs.com/PENETRATION/getshell-via-ssrf-and-redis.html
Java unserialize vulnerability payload generator (covers gadgets that had not previously been made public)
https://threathunter.org/topic/5950e0df4ca62e893ec8c0c4
Analyzing CVE-2010-3333 through a sample
https://xianzhi.aliyun.com/forum/read/1785.html
Watering-hole attacks based on typosquatted domains in practice
http://bobao.360.cn/learning/detail/4026.html
Statically extracting the symbol table from an Android kernel image
http://ne2der.com/2017/get-symbol-from-kernel-img/
CVE-2017-6920: Drupal remote code execution vulnerability analysis and PoC construction
https://mp.weixin.qq.com/s?src=3&timestamp=1498526078&ver=1&signature=mV84SMCvF0EvZTPVNDWofzOR5jyZ1BFzQB0jBE4GSnI2L2UCL5Bg5kAwRbNfSPh*JVCZ*MSGYDqP5cVawcAN4vgYA-*x*DO2rcCASWAaB0RT8zGf1brlzffZK3HRatQ4j6c8plbJ--6nOox8YrbIu*znH6E1dmSJEhjRpeR5rKE=
Introduction to the OAuth protocol and its security risks
https://mp.weixin.qq.com/s/bK6RSpX65XlHmbMG1N0myg
SQLiteManager vulnerability in the MAMP integrated environment suite
https://www.itsec.nl/en/2017/06/26/drive-by-remote-code-execution-by-mamp/
The current state of malicious hypervisors and how to identify them
http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_051_Utin_Hypervisor.pdf
OpenVPN fuzzers released (the author recently published a report on multiple OpenVPN vulnerabilities, which were found using these)
https://github.com/guidovranken/openvpn/tree/fuzzing
Cisco Prime Collaboration Provisioning unauthenticated remote code execution vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-17-445/
Bypassing WAF without numbers and letters (PHP)
https://securityonline.info/bypass-waf-php-webshell-without-numbers-letters/
Simple $_COOKIE backdoor
http://labs.sucuri.net/?note=2017-03-09
http://labs.sucuri.net/?note=2017-05-30
CVE-2017-9948: Microsoft Skype 7.2 / 7.35 / 7.36 buffer overflow
https://securityonline.info/cve-2017-9948-microsoft-skype-7-2-7-35-7-36-buffer-overflow/
Metasploit RSS feed plugin (get a push notification when a shell is obtained)
https://github.com/rapid7/metasploit-framework/pull/8612
GoogleCTF 2017: Inst Prof 152 (final value)
https://binarystud.io/googlectf-2017-inst-prof-152-final-value.html
GoogleCTF 2017: Food - Android Reverse Engineering
http://pwning.re/2017/06/25/google-ctf-food/
XSS'OR: front-end hacking tool
http://xssor.io/
https://github.com/evilcos/xssor2
CrackMapExec: post-exploitation tool
https://github.com/byt3bl33d3r/CrackMapExec
Android O and DEX 38: Dalvik opcodes for dynamic invocation
https://www.pnfsoftware.com/blog/android-o-and-dex-version-38-new-dalvik-opcodes-to-support-dynamic-invocation/
IBM DB2 command line processor buffer overflow
http://www.defensecode.com/advisories/IBM_DB2_Command_Line_Processor_Buffer_Overflow.pdf
Detecting attack activity with Sysinternals Sysmon and PowerShell logs
https://securitylogsdotorg.files.wordpress.com/2017/06/bsides-athens-sysmon-final.pdf
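This article was originally published by 安全客 (Anquanke). If you republish it, please credit the source and this article's address.
Article address: http://bobao.360.cn/learning/detail/4027.html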