SecWiki周刊（第214期)

SecWiki周刊（第214期）

2018/04/02-2018/04/08

安全资讯

[新闻] Gartner报告：全球网络安全产业规模发展情况及趋势预测
https://mp.weixin.qq.com/s/_jOALqJB4aVpaM25rjN5Yg

[新闻] 公安机关互联网安全监督检查规定（征求意见稿）
https://mp.weixin.qq.com/s/Ytp3J2ZRRZTGB8QMu4EiIA

[新闻] 诸葛建伟段海新：网络泥淖的“蓝莲花”
http://v.iqilu.com/sdws/wzshsdr/201803/31/4523580.html?from=timeline&isappinstalled=0

[新闻] 美国MITRE评估APT侦测产品，假想敌是中国
https://mp.weixin.qq.com/s/ImXILnFVgmYgQPf009TYeA

安全技术

[取证分析] Bitcoin and Cryptocurrency Tracking with the ELK Stack
https://logz.io/blog/cryptocurrency-tracking-elk-stack/?from=timeline&isappinstalled=0

[文档] CanSecWest 2018 Files
https://cansecwest.com/csw18archive.html

[Web安全] 由MetInfo 深入理解PHP变量覆盖漏洞
https://mp.weixin.qq.com/s/I7tEDv12e65KI93TCXN8Ug

[移动安全] Fake AV Investigation Unearths KevDroid, New Android Malware
http://blog.talosintelligence.com/2018/04/fake-av-investigation-unearths-kevdroid.html

[Web安全] Some trick in ssrf and trick in unserialize()
https://mp.weixin.qq.com/s/MSYZOBRzvYdmdZR_wqBP7g

[工具] Code and slides for Zer0Con 2018 talk: Building a 1-day Exploit for Google Chrom
https://github.com/theori-io/zer0con2018_bpak

[Web安全] PHP代码审计菜鸟笔记（一）
https://sosly.me/index.php/2018/04/02/php_daimashenji1/

[漏洞分析] HowTo: ExploitDev Fuzzing
https://hansesecure.de/howto-exploitdev-fuzzing/

[其它] BACKDOORING PLUGINS
https://www.gironsec.com/blog/2018/03/backdooring-plugins/

[取证分析] Python工具分析风险数据
http://mp.weixin.qq.com/s/46f1WM_1xDgxzwxqGmFJNQ

[漏洞分析] Exim Off-by-one(CVE-2018-6789)漏洞复现分析
http://0x48.pw/2018/03/30/0x42/

[比赛] 0CTF 2018 Quals Bl0g writeup
https://blog.cal1.cn/post/0CTF%202018%20Quals%20Bl0g%20writeup

[Web安全] 从sql注入到xslt再到xxe的一道ctf题目
https://mp.weixin.qq.com/s/OVf3eUxjSq9N5wGzfg8F-Q

[Web安全] PHP代码审计菜鸟笔记（二）
https://sosly.me/index.php/2018/04/03/php_daimashenji2/

[编程技术] Scriptable network authentication cracker
https://github.com/kpcyrd/badtouch

[移动安全] Extract enpoints from apk files.
https://github.com/UltimateHackers/Diggy

[Web安全] Linux无文件渗透执行ELF
https://mp.weixin.qq.com/s/SdR6ce9xjbS5UQbh14kfgg

[移动安全] APP漏洞之WebView File域同源策略绕过漏洞
https://bbs.ichunqiu.com/thread-37204-1-1.html?from=sec

[运维安全] 从长亭的wiki上获取我想要的数据
https://mp.weixin.qq.com/s/xpClaDBOtIERwTUv3sbPvg

[工具] 打造一款自动扫描全网漏洞的扫描器
http://mp.weixin.qq.com/s/OFD821QhL0sjmXerqgPyCQ

[Web安全] PHP代码/命令注入小结
https://mp.weixin.qq.com/s/e-qNJaXZh-t5H7AJEOBIAQ

[比赛] 0CTF 2018 EZDOOR(WEB) Writeup
https://www.cdxy.me/?p=790

[漏洞分析] POC-Collect: 各种开源CMS的漏洞及EXP
https://github.com/Mr5m1th/POC-Collect

[漏洞分析] 深入探索Cobalt Strike的ExternalC2框架
https://xz.aliyun.com/t/2239

[Web安全] Apache Log View 5.37破解笔记
https://bbs.ichunqiu.com/thread-37208-1-1.html?from=sec

[工具] Cracking Passwords up to 256 Characters with Hashcat
https://cyberarms.wordpress.com/2018/04/03/cracking-passwords-up-to-256-characters-with-hashcat/

[Web安全] CSRF攻击与防御
https://www.cnblogs.com/phpstudy2015-6/p/6771239.html

[Web安全] 代码审计之CLTPHP_v5.5.3前台XML外部实体注入漏洞
https://mp.weixin.qq.com/s/UBBeo4PeCunF6XxdvlbF0Q

[恶意分析] 基于SYLK文件传播Orcus远控木马样本分析
http://www.freebuf.com/articles/system/167141.html

[Web安全] CloudFront Hijacking
https://www.mindpointgroup.com/blog/pen-test/cloudfront-hijacking/

[Web安全] 用150行python代码来做代码审计笔记
http://mp.weixin.qq.com/s/ymyhrUxQIj0q9pDoZ2-x3A

[Web安全] 新手指南：Bwapp之XSS –stored
http://mp.weixin.qq.com/s/KJKAqBOm6zRokHioPG8c5g

[漏洞分析] 路由器漏洞分析第五弹：CVE-2018-5767路由器远程代码执行
http://www.freebuf.com/articles/wireless/166869.html

[Web安全] 代码审计之SQL二次编码注入漏洞实例（附tamper脚本）
https://mp.weixin.qq.com/s/5lzvyD1V7ligf_JsKrglMA

[无线安全] 细节决定成败-WIFI新玩法
http://mp.weixin.qq.com/s/_4x2MXe2Q-oOd_qZv0bafQ

[工具] Free IP address to ASN database
https://iptoasn.com/

[编程技术] 使用Django编写简易测试报告生成器
http://www.freebuf.com/sectool/166605.html

[漏洞分析] Exim Off-by-one(CVE-2018-6789)漏洞复现分析
https://paper.seebug.org/557/

[数据挖掘] 知识图谱与认知智能
http://kw.fudan.edu.cn/resources/ppt/workshop2018/%E7%9F%A5%E8%AF%86%E5%9B%BE%E8%B0%B1%E4%B8%8E%E8%AE%A4%E7%9F%A5%E6%99%BA%E8%83%BD.pdf

[Web安全] HUNT：HUNT Proxy Burp Suite Extension
https://github.com/bugcrowd/HUNT

[漏洞分析] Attacking an FTP Client: MGETting more than you bargained for
https://snyk.io/blog/attacking-an-ftp-client/

[Web安全] sqlmap time-based inject 分析
http://blog.wils0n.cn/archives/178/

[其它] 安全对你来说意味着什么
https://mp.weixin.qq.com/s/UciYiCpqV9BQArexmLEOMQ

[Web安全] Automated Security Testing For REST API's
https://github.com/flipkart-incubator/astra

[恶意分析] 通过实例学习ROP技术
http://mp.weixin.qq.com/s/wuTPDcKKe-EwrNwNo9Tjtg

[Web安全] 渗透测试神器Cobalt Strike使用宝典
http://www.freebuf.com/company-information/167460.html

[Web安全] 简单粗暴的文件上传漏洞
http://mp.weixin.qq.com/s/e1jy-DFOSROmSvvzX_Ge5g

[运维安全] Linux Kernel Defence Map
https://github.com/a13xp0p0v/linux-kernel-defence-map

[论文] IT and Information Security Cheat Sheets
https://zeltser.com/cheat-sheets/

[Web安全] CVE-2018-1270 Remote Code Execution with spring-messaging
http://www.polaris-lab.com/index.php/archives/501/

[漏洞分析] Vulnerability Modeling with Binary Ninja
https://blog.trailofbits.com/2018/04/04/vulnerability-modeling-with-binary-ninja/

[无线安全] Exploiting Bluetooth Low Energy using Gattacker for IoT
https://blog.attify.com/hacking-bluetooth-low-energy/

[Web安全] 挖洞技巧-那个简单的威胁情报
https://mp.weixin.qq.com/s/Fs6j-ufxxEMjyHnOJEnuGA

[恶意分析] Hacked Website Trend Report – 2017
https://sucuri.net/reports/Sucuri-Hacked-Report-2017.pdf

[其它] 我们来聊一聊渗透测试
http://mp.weixin.qq.com/s/w2TG-Wsnee7A2zNqe6d-nw

[漏洞分析] 路由器漏洞 EXP 开发实践
http://mp.weixin.qq.com/s/PcuX4ZpxlRRlmwvA9v42mA

[文档] 5G网络安全白皮书
https://mp.weixin.qq.com/s/ReymClMeHOmx1_EjqOUZUg

[运维安全] 饿了么异地多活技术实现
https://mp.weixin.qq.com/s/pKAYR1GxbQH51RkgkpmcOg

[无线安全] Stealing Credit Cards from FUZE via Bluetooth
https://blog.ice9.us/2018/04/stealing-credit-cards-from-fuze-bluetooth.html

[运维安全] 利用ELK搭建Docker容器化应用日志中心
https://www.jianshu.com/p/a40c36beee63

[Web安全] 同源策略和跨域访问学习笔记
http://uknowsec.cn/posts/notes/%E5%90%8C%E6%BA%90%E7%AD%96%E7%95%A5%E5%92%8C%E8%B7%A8%E5%9F%9F%E8%AE%BF%E9%97%AE%E5%AD%A6%E4%B9%A0%E7%AC%94%E8%AE%B0.html

[工具] 枚举kerberos域用户的字典
https://github.com/re4lity/kerberos_enum_dict

[恶意分析] 如何在插件中植入后门
https://www.anquanke.com/post/id/103569

[Web安全] Beyond XSS: Edge Side Include Injection
https://gosecure.net/2018/04/03/beyond-xss-edge-side-include-injection/

[恶意分析] IAT 三连之什么是 IAT？
http://mp.weixin.qq.com/s/NYL-9lOBoOXEJF1x3Lp4NA

[恶意分析] 看我如何让 360 把 helloword 干掉
http://mp.weixin.qq.com/s/Fk6FWaCAYUq99DDJjDqukA

[杂志] SecWiki周刊（第213期)
https://www.sec-wiki.com/weekly/213

[恶意分析] ring3层恶意代码实例汇总
http://mp.weixin.qq.com/s/wY3KnCewAw6WS5bNYlm-2Q

[漏洞分析] 通过POC来学习漏洞的原理
http://mp.weixin.qq.com/s/ogFLjUpd2HU60raUxGNWhg

[Web安全] 低成本打造一个高性能的外网Metasploit
http://www.freebuf.com/articles/network/166702.html

[论文] 区块链的网络安全: 威胁与对策
http://jcs.iie.ac.cn/ch/reader/create_pdf.aspx?file_no=20180207&flag=1&year_id=2018&quarter_id=2

[运维安全] SSL_TLS 攻击原理解析
https://mp.weixin.qq.com/s/W620Pdu6qvoqjacSRPRVyg

[恶意分析] 揭露某些所谓"大佬"不为人知的另一面
http://mp.weixin.qq.com/s/cRSJhhALlDX54stKj_kwoQ

[恶意分析] 解读NSA对APT组织的透视
https://mp.weixin.qq.com/s/DfvAIZYuDTtNMkijJNledQ

[取证分析] Threat Hunting via Windows Event Logs
https://www.dropbox.com/s/50623g2yahys6bz/Threat%20Hunting%20via%20Windows%20Event%20Logs.pdf?dl=0

[Web安全] 记一次审计 xiaocms 的过程
http://mp.weixin.qq.com/s/1G6q7Mk5aQL_9yZ6t58_nA

[取证分析] 犯罪情报分析师知识和能力清单（初稿）
https://mp.weixin.qq.com/s/i5iL6R6m_UtmXYGfrRa31w

[数据挖掘] DetectMaliciousURL: Applying text model to Detection Task
https://github.com/cwellszhang/DetectMaliciousURL

[工具] 绕过应用程序白名单技巧
http://mp.weixin.qq.com/s/NGYhrK4dH-ikfdklEA4nUQ

[Web安全] Cobalt strike3.8 中文支持
https://evi1cg.me/archives/CS3_8_chinese_support.html

[工具] BountyDash is a tool to combine your rewards from all platforms, giving you insi
https://github.com/avlidienbrunn/bountydash

[工具] 优秀的 WIFI 渗透工具汇总
https://mp.weixin.qq.com/s/Why61qJGeT0y6w2iHEBhiA

[Web安全] Summary of PHP code audit experience
https://xz.aliyun.com/t/2246

[工具] A malicious DNS server for executing DNS Rebinding attacks on the fly
https://github.com/brannondorsey/whonow

[Web安全] PHP安全开发中常见的Dos风险
http://mp.weixin.qq.com/s/zKmz6eamYCuWFGKmPWFqFA

[工具] 利用DNS协议回显数据
http://mp.weixin.qq.com/s/SZxWacuk5-rNqun76NtlIQ

[工具] Powershell绕过执行及脚本混淆
http://mp.weixin.qq.com/s/cJwekK4rQUmEyZTAXX_PVQ

[Web安全] 从 Ajax 聊一聊 Jsonp 点击劫持
http://mp.weixin.qq.com/s/0rTTpt0GtBDgdjVl0dDl8Q

[取证分析] A Study on Threat Intelligence Platforms (TIPs)
https://threatintel.eu/2018/04/04/a-study-on-threat-intelligence-platforms/

[Web安全] 代码审计之CmsEasy_v5.7 漏洞分析
https://mp.weixin.qq.com/s?__biz=MzA3NzE2MjgwMg==&mid=2448903588&idx=1&sn=32009fbca5e1840e09c73e848407de82&chksm=8b55ddf9bc2254efc5abaaace9f0d9d1d407aa07fea199557b2d62cc7c5c3fd6fdca5cdbaf8d&mpshare=1&scene=23&srcid=0402sy1nInz3sHk3D4Go4jqn#rd

[恶意分析] PE 病毒与 msf 奇遇记
http://mp.weixin.qq.com/s/kRMuGMFOxUCW0whh8TtlTQ

[Web安全] SQL 注入类型详解
http://mp.weixin.qq.com/s/BQVS7alMSdy3_SQuMymkug

[工具] 打造属于自己的渗透神器
http://mp.weixin.qq.com/s/prcJJWUKW3-76k3MYtQiUA

[工具] pentestdb 架构详解
http://mp.weixin.qq.com/s/b4cpUQf5K9oz2b3ka6dNgQ

[Web安全] 审计某开源商城中的漏洞大礼包
http://mp.weixin.qq.com/s/iPOIUGOc9t-DjlFzOSqieg

[工具] Shodan 参考手册
http://mp.weixin.qq.com/s/SVl_YLhcfNgHya6jEnKx1g

[工具] 打造属于自己的渗透神器第二篇
http://mp.weixin.qq.com/s/n6nfj9JovlhAw9D1aULzMA

[Web安全] DTD 实体 XXE 浅析
http://mp.weixin.qq.com/s/vkCdz6YCoiiJPI30KePD6g

[Web安全] VulnHub 中 LazySysAdmin 题目详解
http://mp.weixin.qq.com/s/Auhpkoe1NRoHmZ4REYjZ-A

[Web安全] http 协议详解
http://mp.weixin.qq.com/s/DshzEGF2B9Wd2dteu1NAXQ

[Web安全] 记一次有趣的渗透测试
http://mp.weixin.qq.com/s/w5Dl54oOA7-XYuSIrguy-w

[Web安全] RedTiger 通关学习总结
http://mp.weixin.qq.com/s/nqfI10K423fO_KculsE8UQ

[Web安全] 轻松理解什么是 webshell
http://mp.weixin.qq.com/s/x2Tw3ukaTFDJvZ0YCuZBog

[Web安全] Java代码审计-铁人下载系统
https://mp.weixin.qq.com/s/8mmj-mixScgOKq7cL2_YcQ

[Web安全] 审计 tinyshop 中风险
http://mp.weixin.qq.com/s/tdyTY_x2AUYQAygHN15olA

-----微信ID：SecWiki-----
SecWiki，13年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第214期)

SecWiki周刊（第214期）

最新公告

友情链接

SecWiki公众号

安全学术圈