SecWiki周刊(第265期)
2019/03/25-2019/03/31
安全资讯
美国230万灾难幸存者隐私信息恐遭泄露
https://nosec.org/home/detail/2396.html
https://nosec.org/home/detail/2396.html
安全技术
Pwn2Own 2019 Firefox 远程代码执行漏洞(CVE-2019-9810)的 POC
https://github.com/xuechiyaobai/CVE-2019-9810-PoC/
https://github.com/xuechiyaobai/CVE-2019-9810-PoC/
详解Laravel 5.8 SQL注入漏洞
https://nosec.org/home/detail/2395.html
https://nosec.org/home/detail/2395.html
Osquery检测入侵痕迹
https://evilanne.github.io/2019/02/20/Osquery%E6%A3%80%E6%B5%8B%E5%85%A5%E4%BE%B5%E7%97%95%E8%BF%B9/
https://evilanne.github.io/2019/02/20/Osquery%E6%A3%80%E6%B5%8B%E5%85%A5%E4%BE%B5%E7%97%95%E8%BF%B9/
Druid拦截功能的配置与简单绕过
https://mp.weixin.qq.com/s/lGalf63VXCva2I5BpmSMgQ
https://mp.weixin.qq.com/s/lGalf63VXCva2I5BpmSMgQ
红队基础建设:隐藏你的C2 server
https://xz.aliyun.com/t/4509
https://xz.aliyun.com/t/4509
IoT 设备固件分析之网络协议 fuzz
https://mp.weixin.qq.com/s/5gwJpqj7ysue19OcoPI16A
https://mp.weixin.qq.com/s/5gwJpqj7ysue19OcoPI16A
fridump3: A universal memory dumper using Frida for Python 3
https://github.com/rootbsd/fridump3
https://github.com/rootbsd/fridump3
攻破 Chrome 的 ValueDeserializer::ReadDenseJSArray 越界写漏洞(CVE-2018-17480)
https://bugs.chromium.org/p/chromium/issues/detail?id=905940
https://bugs.chromium.org/p/chromium/issues/detail?id=905940
NTA技术 & 代表性NTA产品一览
https://mp.weixin.qq.com/s/MP0tONsz5KRRa-swTwDh9w
https://mp.weixin.qq.com/s/MP0tONsz5KRRa-swTwDh9w
Google 基础架构安全设计概述
https://mp.weixin.qq.com/s/MOJCYDN-W9KObOZpc6kx1g
https://mp.weixin.qq.com/s/MOJCYDN-W9KObOZpc6kx1g
披露一种针对W-IFI WPA/WPA2协议的MOTS(Man-On-The-Side)的攻击方式
https://github.com/zjlywjh001/CanSecWest19
https://github.com/zjlywjh001/CanSecWest19
使用 BadUSB 攻击路由设备控制目标网络
https://medium.com/tenable-techblog/owning-the-network-with-badusb-72daa45d1b00
https://medium.com/tenable-techblog/owning-the-network-with-badusb-72daa45d1b00
cve-2019-0808-poc
https://github.com/ze0r/cve-2019-0808-poc/
https://github.com/ze0r/cve-2019-0808-poc/
以攻促防:企业蓝军建设思考
https://mp.weixin.qq.com/s/8iJs2ON66NY1Jdbt7c-BTA
https://mp.weixin.qq.com/s/8iJs2ON66NY1Jdbt7c-BTA
酷炫的深度学习网络图画法
https://bigquant.com/community/t/topic/150804
https://bigquant.com/community/t/topic/150804
Defeating Userland Hooks (ft. Bitdefender)
https://0x00sec.org/t/defeating-userland-hooks-ft-bitdefender/12496
https://0x00sec.org/t/defeating-userland-hooks-ft-bitdefender/12496
勒索病毒应急响应 自救手册(第二版)
https://www.anquanke.com/post/id/175550
https://www.anquanke.com/post/id/175550
初入甲方的企业安全建设规划
https://www.freebuf.com/articles/es/198597.html
https://www.freebuf.com/articles/es/198597.html
绕过 nftables/PacketFilter 防火墙过滤规则传输 ICMP/ICMPv6 数据包的漏洞详解
https://www.synacktiv.com/posts/systems/icmp-reachable.html
https://www.synacktiv.com/posts/systems/icmp-reachable.html
HackerOne 50M CTF Writeup
http://0xc0ffee.io/blog/50M-CTF
http://0xc0ffee.io/blog/50M-CTF
交互式Git教程
https://learngitbranching.js.org/
https://learngitbranching.js.org/
使用 Sboxr 自动化发现和利用 DOM XSS - Part 1
https://blog.appsecco.com/automating-discovery-and-exploiting-dom-client-xss-vulnerabilities-using-sboxr-part-1-2e55c120c9e1
https://blog.appsecco.com/automating-discovery-and-exploiting-dom-client-xss-vulnerabilities-using-sboxr-part-1-2e55c120c9e1
KBuster:以伪造韩国银行APP的韩国黑产活动披露
https://mp.weixin.qq.com/s/p2pmW_JH7DgPt5o-HYmTpw
https://mp.weixin.qq.com/s/p2pmW_JH7DgPt5o-HYmTpw
通过 DCOM 远程执行 Excel 4.0/XLM 宏实现横向渗透的利用脚本
https://github.com/outflanknl/Excel4-DCOM
https://github.com/outflanknl/Excel4-DCOM
One-liner Safari sandbox escape exploit
https://medium.com/0xcc/one-liner-safari-sandbox-escape-exploit-91082ddbe6ef
https://medium.com/0xcc/one-liner-safari-sandbox-escape-exploit-91082ddbe6ef
Coablt strike官方教程中文译版本
https://backlion.cnblogs.com/p/10616308.html?from=timeline
https://backlion.cnblogs.com/p/10616308.html?from=timeline
Windows 10 IoT Core远程命令执行漏洞验证及建议
https://mp.weixin.qq.com/s/Pq2win4kH72eG_n7aKQdIQ
https://mp.weixin.qq.com/s/Pq2win4kH72eG_n7aKQdIQ
automated-pentest-自动化扫描和生成渗透测试报告的 Parrot OS 系统容器
https://github.com/vishnudxb/automated-pentest
https://github.com/vishnudxb/automated-pentest
.NET高级代码审计(第五课) .NET Remoting反序列化漏洞
https://www.anquanke.com/post/id/174009
https://www.anquanke.com/post/id/174009
Linux CTF 二进制挑战的详细逆向工程分析
https://blog.kartone.ninja/2019/03/25/when-a-reverse-me-ctf-binary-makes-you-loose-that-job/
https://blog.kartone.ninja/2019/03/25/when-a-reverse-me-ctf-binary-makes-you-loose-that-job/
谷歌论坛的越权漏洞(500美金)
https://nosec.org/home/detail/2419.html
https://nosec.org/home/detail/2419.html
从零开始Java代码审计系列(一)
https://xz.aliyun.com/t/4558
https://xz.aliyun.com/t/4558
一篇域攻击文章的复现
https://xz.aliyun.com/t/4441
https://xz.aliyun.com/t/4441
router_badusb: BadUSB in Routers
https://github.com/tenable/router_badusb
https://github.com/tenable/router_badusb
软件供应链来源攻击分析报告
https://mp.weixin.qq.com/s/If_Q0BlIZTiYp_7d1zJMWw
https://mp.weixin.qq.com/s/If_Q0BlIZTiYp_7d1zJMWw
GithubMonitor: 关键词监控GitHub泄漏
https://github.com/Macr0phag3/GithubMonitor
https://github.com/Macr0phag3/GithubMonitor
Android Runtime Restrictions Bypass
https://blog.quarkslab.com/android-runtime-restrictions-bypass.html
https://blog.quarkslab.com/android-runtime-restrictions-bypass.html
SearchApp: 小型网络空间搜索引擎
https://github.com/imjdl/SearchApp
https://github.com/imjdl/SearchApp
社工攻击-BadUSB攻防
https://mp.weixin.qq.com/s/R4MdPVTOqUNg8-1HSOyQzw
https://mp.weixin.qq.com/s/R4MdPVTOqUNg8-1HSOyQzw
Attacking Java RMI services after JEP 290
https://mogwailabs.de/blog/2019/03/attacking-java-rmi-services-after-jep-290/
https://mogwailabs.de/blog/2019/03/attacking-java-rmi-services-after-jep-290/
一行代码逃逸 Safari 沙箱
https://weibo.com/ttarticle/p/show?id=2309404354112320866984
https://weibo.com/ttarticle/p/show?id=2309404354112320866984
PHP内核层解析反序列化漏洞
https://mp.weixin.qq.com/s/RL8_kDoHcZoED1G_BBxlWw
https://mp.weixin.qq.com/s/RL8_kDoHcZoED1G_BBxlWw
Analysis of NetWiredRC trojan
https://maskop9.tech/index.php/2019/01/30/analysis-of-netwiredrc-trojan/
https://maskop9.tech/index.php/2019/01/30/analysis-of-netwiredrc-trojan/
寻找隐藏在CloudFlare和Tor后的真实IP
https://nosec.org/home/detail/2405.html
https://nosec.org/home/detail/2405.html
browspy: 浏览器用户全部信息收集JavaScript
https://github.com/Urinx/browspy
https://github.com/Urinx/browspy
通过漏洞利用模版使漏洞利用自动化
https://www.4hou.com/web/16902.html
https://www.4hou.com/web/16902.html
CVE-2019-7286 Part II: Gaining PC Control
https://blog.zecops.com/vulnerabilities/exploit-of-cve-2019-7286/
https://blog.zecops.com/vulnerabilities/exploit-of-cve-2019-7286/
Dissecting ShadowHammer
https://www.cyberfox.blog/dissecting-shadowhammer/
https://www.cyberfox.blog/dissecting-shadowhammer/
Analysis of .Net Stealer GrandSteal
http://www.peppermalware.com/2019/03/analysis-of-net-stealer-grandsteal-2019.html
http://www.peppermalware.com/2019/03/analysis-of-net-stealer-grandsteal-2019.html
利用BadUSB控制整个网络
https://nosec.org/home/detail/2425.html
https://nosec.org/home/detail/2425.html
Simdjson:一个超高速的JSON解析工具
https://www.freebuf.com/sectool/198277.html
https://www.freebuf.com/sectool/198277.html
阿里云和谷歌(1300美金)的XSS漏洞
https://nosec.org/home/detail/2402.html
https://nosec.org/home/detail/2402.html
Analysis and Reproduction of iOS/OSX Vulnerability: CVE-2019-7286
https://blog.zecops.com/vulnerabilities/analysis-and-reproduction-of-cve-2019-7286/
https://blog.zecops.com/vulnerabilities/analysis-and-reproduction-of-cve-2019-7286/
Microsoft Defender ATP investigation unearths privilege escalation flaw
https://www.microsoft.com/security/blog/2019/03/25/from-alert-to-driver-vulnerability-microsoft-defender-atp-investigation-unearths-privilege-escalation-flaw/
https://www.microsoft.com/security/blog/2019/03/25/from-alert-to-driver-vulnerability-microsoft-defender-atp-investigation-unearths-privilege-escalation-flaw/
对泄漏的未初始化内核内存的取证分析
https://dfir.ru/2019/03/25/forensic-analysis-of-disclosed-uninitialized-kernel-memory/
https://dfir.ru/2019/03/25/forensic-analysis-of-disclosed-uninitialized-kernel-memory/
PayPal旗下Braintree网站的“不寻常”漏洞(3200美金)
https://nosec.org/home/detail/2420.html
https://nosec.org/home/detail/2420.html
Tomcat变体利用:host-manager
https://xz.aliyun.com/t/4435
https://xz.aliyun.com/t/4435
一行代码逃逸 Safari 沙箱
https://weibo.com/ttarticle/p/show?id=2309404354112320866984&sudaref=cp0.win&display=0&retcode=6102
https://weibo.com/ttarticle/p/show?id=2309404354112320866984&sudaref=cp0.win&display=0&retcode=6102
npk: A mostly-serverless distributed hash cracking platform
https://github.com/Coalfire-Research/npk
https://github.com/Coalfire-Research/npk
Google Groups Authorization Bypass / $500 bounty
https://www.komodosec.com/post/google-groups-authorization-bypass
https://www.komodosec.com/post/google-groups-authorization-bypass
Remote command injection through an endpoint security product
https://www.pentestpartners.com/security-blog/remote-command-injection-through-an-endpoint-security-product/
https://www.pentestpartners.com/security-blog/remote-command-injection-through-an-endpoint-security-product/
OSINT Primer:域名(第1部分)
https://xz.aliyun.com/t/4504
https://xz.aliyun.com/t/4504
-----微信ID:SecWiki-----
SecWiki,12年来一直专注安全技术资讯分析!
SecWiki:https://www.sec-wiki.com本期原文地址: SecWiki周刊(第265期)
