2017-09-25 11:04:36
阅读:1204次
点赞(0)
收藏
来源: 安全客
作者:童话
热点概要:python PyYAML反序列化漏洞实验和Payload构造、FLIR系统存在多处漏洞、Sentora/ZPanel密码重置漏洞、beef+msf实现内网渗透 、我是如何拿到google 13337刀赏金的
国内热词(以下内容部分来自:http://www.solidot.org/)
微软和 Canonical 合作构建定制 linux 内核
Adobe 安全团队不小心公开了他们的私钥
技术类:
Python PyYAML反序列化漏洞实验和Payload构造
http://www.polaris-lab.com/index.php/archives/375/
Python反序列化漏洞浅析与利用(pickle模块)
https://dan.lousqui.fr/explaining-and-exploiting-deserialization-vulnerability-with-python-en.html
FLIR系统存在多处漏洞
https://blogs.securiteam.com/index.php/archives/3411
CLKSCREW: 可持续能源管理暴露的安全风险
https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/tang
Sentora/ZPanel密码重置漏洞
https://blogs.securiteam.com/index.php/archives/3386
向运行的Python进程中注入代码
https://github.com/lmacken/pyrasite
我是如何拿到google 13337刀赏金的
https://thesecurityexperts.wordpress.com/2017/09/24/how-i-got-13337-bounty-from-google/
Linux堆漏洞利用系列:1字节溢出
https://sensepost.com/blog/2017/linux-heap-exploitation-intro-series-the-magicians-cape-1-byte-overflow/
在社交平台(Facebook)上发布登机牌的信息可能导致你的账户信息被盗用
https://www.michalspacek.com/post-a-boarding-pass-on-facebook-get-your-account-stolen
beef+msf实现内网渗透
http://foreversong.cn/archives/470
A web viewer for RF spectrum data
https://github.com/acg/spectool-web
Starting in cybersecurity?Here are my few tips on how to get started on the technical side of computer hacking
https://blog.0day.rocks/starting-in-cybersecurity-5b02d827fb54
dbghost.exe - Ghost And The Darkness
http://subt0x10.blogspot.co.uk/2017/09/dbghostexe-ghost-in-darkness.html
本文由 安全客 原创发布,如需转载请注明来源及本文地址。
本文地址:http://bobao.360.cn/learning/detail/4470.html