Daily Security News Push (09-02)

Category: Security News
Tencent Security Xuanwu Lab Daily News


• Operation PowerFall: CVE-2020-0986 and variants:
https://securelist.com/operation-powerfall-cve-2020-0986-and-variants/98329/

   ・ Kaspersky's analysis of the GDI Print/Print Spooler API 0-day vulnerability used in the Operation PowerFall attacks – Jett


• [Attack] Using assert() to Execute Malware in PHP 7 Environments:
https://sucur.it/2EYeZbL

   ・ Using the assert() function to execute malicious code in PHP 7 environments – Jett


• [Fuzzing] Fuzzing with AFL:
https://www.youtube.com/playlist?list=PLHGgqcJIME5koI76OlBdBj7sCid1hbjf-

   ・ The Fuzzing with AFL video series – Jett


• GitHub - 0xnobody/vmpdump: A dynamic VMP dumper and import fixer, powered by VTIL.:
https://github.com/0xnobody/vmpdump

   ・ VMPDump - a researcher has open-sourced a tool that unpacks VMP using a dynamic approach – Jett


• [Tools] N1QL Injection: Kind of SQL Injection in a NoSQL Database:
https://labs.f-secure.com/blog/n1ql-injection-kind-of-sql-injection-in-a-nosql-database

   ・ N1QL Injection: Kind of SQL Injection in a NoSQL Database – Jett


• [Forensics] Digital Forensics, Part 11: Recovering Stored Passwords from the Browser:
https://www.hackers-arise.com/post/2019/08/27/digital-forensics-part-11-recovering-stored-passwords-from-the-browser

   ・ Digital Forensics, Part 11: extracting passwords stored in the browser from a computer system. – lanying37


• [Tools] Off-Path TCP Exploits of the Mixed IPID Assignment:
https://arxiv.org/abs/2008.12981

   ・ Off-path TCP exploits of the mixed IPID assignment. – lanying37


• CVE-2020-0986: Windows splwow64 Untrusted Pointer Dereference:
https://googleprojectzero.blogspot.com/p/rca-cve-2020-0986.html

   ・ CVE-2020-0986: Windows splwow64 Untrusted Pointer Dereference  – Jett


• [Windows] PowerShell Remoting from Linux to Windows:
https://blog.quickbreach.io/blog/powershell-remoting-from-linux-to-windows/

   ・ PowerShell Remoting from Linux to Windows  – Jett


• Java Buffer Overflow with ByteBuffer (CVE-2020-2803) and Mutable MethodType (CVE-2020-2805) Sandbox Escapes:
https://insinuator.net/2020/09/java-buffer-overflow-with-bytebuffer-cve-2020-2803-and-mutable-methodtype-cve-2020-2805-sandbox-escapes/

   ・ Using memory-level vulnerabilities to escape the Java runtime's SecurityManager sandbox – Jett


• Journey to Azure AD PRT: Getting access with pass-the-token and pass-the-cert:
https://o365blog.com/post/prt/

   ・ Journey to the Azure AD PRT token: getting access via pass-the-token and pass-the-cert. – lanying37


• [Windows] Lock screen/Bitlocker bypass/elevation of privilege in Bitlocker:
https://docs.google.com/document/d/1S4jU7knBG_Km_AdHXf8JyE8zl0SOxQ9VvYFPanQy1g8/edit?usp=sharing

   ・ Using Bitlocker to achieve Windows 10 lock screen bypass and privilege escalation – Jett


* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab

