每日攻防资讯简报[Aug.12th]

1.通过逆向多个供应商的固件寻找新的BLE Exploit

2.Windows Print Spooler修补程序绕过可重新启用持久性后门：绕过CVE-2020-1048和修复该漏洞的新修补程序

https://www.zerodayinitiative.com/blog/2020/8/11/windows-print-spooler-patch-bypass-re-enables-persistent-backdoor

3.细解释如何触发PrintDemon漏洞利用，并剖析如何发现新的0Day（CVE-2020-1337）

https://voidsec.com/cve-2020-1337-printdemon-is-dead-long-live-printdemon/

4.三星手机“查找我的手机” 软件包中存在多个漏洞，可能导致手机用户完全丢失数据（恢复出厂设置），以及实时位置跟踪、电话和短信检索、电话锁定、电话解锁等

https://char49.com/tech-reports/fmmx1-report.pdf

5.CVE-2020-1337 Windows Privilege Escalation Exploit

https://github.com/math1as/CVE-2020-1337-exploit

1.pyvirusshare：Python库，与VirusShare API v2交互

https://github.com/chrsow/pyvirusshare

2.渗透测试工具收集

https://github.com/S3cur3Th1sSh1t/Pentest-Tools

3.汇编语言、逆向、恶意代码分析的资源收集

https://gist.github.com/navneetmuffin/ff678b1fda17e6188aa0462a99626121

4.Flask会话Cookie解码器/编码器

https://github.com/noraj/flask-session-cookie-manager

1.使用Symlink攻击击败Secure Boot

https://www.anvilventures.com/blog/defeating-secure-boot-with-symlink-attacks.html

2.滥用AWS连接跟踪

https://frichetten.com/blog/abusing-aws-connection-tracking/

3.Hack the Box (HTB) machines walkthrough series — ServMon

https://resources.infosecinstitute.com/hack-the-box-htb-walkthrough-servmon

4.Just another Null Byte Poison via Unicode variant (MuPDF mutool RCE)

https://gynvael.coldwind.pl/?id=732

5.渗透测试时使用端口转发访问内部计算机

https://medium.com/bugbountywriteup/gain-access-to-an-internal-machine-using-port-forwarding-penetration-testing-518c0b6a4a0e

6.Barbervisor：用英特尔VT-x开发快照Fuzzer的旅程

https://blog.talosintelligence.com/2020/08/barbervisor.html

https://github.com/Cisco-Talos/Barbervisor

7.检测访问令牌操纵

https://i.blackhat.com/USA-20/Thursday/us-20-Burgess-Detecting-Access-Token-Manipulation.pdf

8.通过利用Windows公开的调试框架, 使用调试API在目标进程中调用任意.NET代码

https://blog.xpnsec.com/debugging-into-net/