SecWiki Weekly (Issue 273)
2019/05/20-2019/05/26
Security News
Far More Than the FBI and CIA: The Red Book of US Intelligence Agencies
https://mp.weixin.qq.com/s/AUwNbrUuiE7DldWeK9QcOA
Public Consultation on the "Cybersecurity Review Measures (Draft for Comment)"
http://www.cac.gov.cn/2019-05/24/c_1124532846.htm
Security Technology
2000day in Safari
https://speakerdeck.com/bo0om/2000day-in-safari
Make Redirection Evil Again: URL Parser Issues in OAuth
https://www.tttang.com/archive/1290/
How to Create a Malware Detection System With Machine Learning
https://www.evilsocket.net/2019/05/22/How-to-create-a-Malware-detection-system-with-Machine-Learning/
AWS Security Incident Response Guide
https://d1.awsstatic.com/whitepapers/aws_security_incident_response.pdf
Incident response at your fingertips with Microsoft Defender ATP live response
https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Incident-response-at-your-fingertips-with-Microsoft-Defender-ATP/ba-p/614894
Calling iOS Native Functions from Python Using Frida and RPC
https://grepharder.github.io/blog/0x04_calling_ios_native_functions_from_python_using_frida_and_rpc.html
National CTF bbvvmm: SM4 Reverse Engineering and Virtual Machine Instruction Analysis
https://xz.aliyun.com/t/5195
CVE-2019-0708 Technical Analysis (RDP-RCE)
https://wazehell.io/2019/05/22/cve-2019-0708-technical-analysis-rdp-rce/
DataCon 2019: 1st place solution of malicious DNS traffic & DGA analysis
https://www.cdxy.me/?p=806
Common Encodings, Code Obfuscation, and Encryption/Decryption in CTFs
https://mp.weixin.qq.com/s/-19rmEhN7T_VQJKYZntHCQ
The Tier of Threat Actors – Cheatsheet
https://itblogr.com/tier-of-threat-actors-cheatsheet/
Sojobo - Yet another binary analysis framework
https://antonioparata.blogspot.com/2019/05/sojobo-yet-another-binary-analysis.html
Analyzing PHP Encryption Extensions from the Zend Virtual Machine
https://blog.zsxsoft.com/post/40
Western Digital MyCloud NAS Command Execution Vulnerability
https://nosec.org/home/detail/2664.html
Smart Camera Security Analysis and Case References
https://mp.weixin.qq.com/s/LS125u6qFxUoXm2CwnPepw
Pymetasploit3: Automating Metasploit with Python 3
https://nosec.org/home/detail/2663.html
CVE-2019-8506 JavaScriptCore exploit
http://lordofpwn.kr/index.php/writeup/cve-2019-8506-javascriptcore-exploit/
CheckVM-Sandbox
https://github.com/sharepub/CheckVM-Sandbox
WDScanner v1.1 Released: A Distributed Web Vulnerability Scanning Platform
https://mp.weixin.qq.com/s/ZbahHqET6ePysrqUFgeNYA
The First HDCTF Write-up
https://www.anquanke.com/post/id/178909
Acunetix Vulnerability Scanner Now Supports Network Security Scanning
https://nosec.org/home/detail/2651.html
The Most Expensive Experience of My Life: SIM Porting Attack
https://nosec.org/home/detail/2662.html
An extremely insecure Ethereum cryptowallet
https://gitlab.com/badbounty/dvcw
iOS/OSX Content Filter Kernel UAF Analysis + POC
https://blog.zecops.com/vulnerabilities/analysis-and-poc-of-content-filter-kernel-use-after-free/
[Mobile Security] Mobile Application Security Basics: Breaking iOS Encrypted Data
https://mp.weixin.qq.com/s/e2DQ18txynHqwplCROsoEA
WD My Cloud RCE
https://bnbdr.github.io/posts/wd/
CVE-2019-0803: Win32k Elevation of Privilege Poc
https://github.com/ExpLife0011/CVE-2019-0803
LFI ON PRODUCTION SERVERS in "springboard.google.com" – $13,337USD
https://omespino.com/write-up-google-bug-bounty-lfi-on-production-servers-in-redacted-google-com-13337-usd/
XSS Without Parentheses and Semicolons
https://nosec.org/home/detail/2654.html
RCTF 2019 Web Writeup
https://xz.aliyun.com/t/5218
How to Escalate an XSS Vulnerability from Medium to Critical Severity
https://nosec.org/home/detail/2661.html
Even more secret Telegrams
https://medium.com/@labunskya/secret-telegrams-bdd2035b6e84
Is MIME Sniffing XSS a real thing?
https://www.komodosec.com/post/mime-sniffing-xss
Reverse Engineering the iClicker Base Station
https://blog.ammaraskar.com/iclicker-reverse-engineering/
yurita: Anomaly detection framework @ PayPal
https://github.com/paypal/yurita
Microsoft Edge Renderer Exploitation (CVE-2019-0940). Part 1
https://blog.exodusintel.com/2019/05/19/pwn2own-2019-microsoft-edge-renderer-exploitation-cve-2019-9999-part-1/
XSS without parentheses and semi-colons
https://portswigger.net/blog/xss-without-parentheses-and-semi-colons
Injecting shellcode into x64 ELF binaries
https://www.matteomalvica.com/blog/2019/05/18/elf-injection/
XSSed my way to 1000$
https://gauravnarwani.com/xssed-my-way-to-1000/
Domain Penetration: Obtaining DNS Records with Standard User Privileges
https://3gstudent.github.io/%E5%9F%9F%E6%B8%97%E9%80%8F-%E6%99%AE%E9%80%9A%E7%94%A8%E6%88%B7%E6%9D%83%E9%99%90%E8%8E%B7%E5%BE%97DNS%E8%AE%B0%E5%BD%95/
Details of SIM port hack
https://medium.com/coinmonks/the-most-expensive-lesson-of-my-life-details-of-sim-port-hack-35de11517124?sk=4c29b27bacb2eff038ec8fe4d40cd615
Incident Response Through the Lens of Post-Exploitation (Part 2): An Introduction to AV Evasion
https://mp.weixin.qq.com/s/BBnbrDQ2EcXbz5AZF6PY8g
Awesome-Cellular-Hacking
https://github.com/W00t3k/Awesome-Cellular-Hacking
APT28 Analysis: CVE-2015-1641 Sample Analysis
https://xz.aliyun.com/t/5198
Detecting Patterns with Unsupervised Learning
https://medium.com/code-gin/detecting-patterns-with-unsupervised-learning-88ba737d4f34
ESCAPING THE CHROME SANDBOX WITH A WIN32K NDAY
https://blog.exodusintel.com/2019/05/17/windows-within-windows/
The jQuery Security Model Explained
https://www.cnblogs.com/aichenxy/p/7207319.html
Hacking Facebook the Hard Way
https://www.symbo1.com/articles/2019/05/21/hacking-facebook-the-hard-way.html
Stealing Downloads from Slack Users
https://medium.com/tenable-techblog/stealing-downloads-from-slack-users-be6829a55f63
Reversing Golang Binaries: Part-1
https://medium.com/@nishanmaharjan17/reversing-golang-binaries-part-1-c273b2ca5333
App Vulnerability Exploitation Combo: An App Cloning Case Study
http://blog.nsfocus.net/app-vulnerability-exploitation-combination-boxing/
Getting Into Browser Exploitation
https://liveoverflow.com/getting-into-browser-exploitation-new-series-introduction-browser-0x00/
A Curious Case of Malwarebytes
https://0x00sec.org/t/a-curious-case-of-malwarebytes/13746
Fun With Custom URI Schemes
https://zeropwn.github.io/2019-05-22-fun-with-uri-handlers/
Linux Privilege Escalation via LXD & Hijacked UNIX Socket Credentials
https://shenaniganslabs.io/2019/05/21/LXD-LPE.html
Using the Exception Directory to find GetProcAddress
https://modexp.wordpress.com/2019/05/19/shellcode-getprocaddress/
Reversing Golang Binaries: Part-2
https://medium.com/@nishanmaharjan17/reversing-golang-binaries-part-2-26f522264d01
-----WeChat ID: SecWiki-----
SecWiki has focused on security technology news and analysis for 13 years!
SecWiki: https://www.sec-wiki.com
Original link for this issue: SecWiki Weekly (Issue 273)
