(转载)2020.9.21-9.27一周安全知识动态
2020.9.21-9.27一周安全知识动态
转自
漏洞挖掘相关
•Resmack: Part 2: Full Fuzzer Detour
1 | https://narly.me/posts/resmack-detour-full-fuzzer-experiment/用resmack来做fuzzer |
CTF相关
•Official solution for 0CTF/TCTF 2020 Finals challenge Emoji Revenge
1 | https://gist.github.com/0xKira/077cd03ffd5273dd566533dd8e02824b0CTF/TCTF 2020决赛EmojiRevenge官方writeup |
浏览器漏洞相关
•Fuzzing V8 Engine JavaScript WebAssembly API using Dharma
1 | https://academy.fuzzinglabs.com/fuzzing-v8-engine-javascript-webassembly-api-using-dharma使用Dharma fuzz v8的WebAssembly API |
虚拟化逃逸漏洞相关
•VMware Workstation: Attack surface through Virtual Printer
1 | https://blog.khonggianmang.vn/vmware-workstation-attack-surface-through-virtual-printer/VMware逃逸漏洞CVE-2020-3989以及CVE-2020-3990分析 |
•Cloud Network Security 101: Azure Virtual Network Service Endpoints
1 | https://www.fugue.co/blog/cloud-network-security-101-azure-virtual-network-service-endpointsAzure虚拟网络服务终端部署 |
操作系统漏洞相关
•Writing an iOS Kernel Exploit from Scratch
1 | https://secfault-security.com/blog/chain3.htmlios kernel 利用 |
•CVE-2020-1350 Windows DNS Server • 10.0.17763.1075 (WinBuild.160101.0800) • Integer Overflow
1 | https://cpr-zero.checkpoint.com/vulns/cprid-2156/Windows DNS Server CVE-2020-1350整数溢出漏洞 |
•CVE-2020-9964 - An iOS infoleak
1 | https://muirey03.blogspot.com/2020/09/cve-2020-9964-ios-infoleak.html?m=1CVE-2020-9964 iOS信息泄露漏洞分析 |
•Containing a Real Vulnerability
1 | https://gvisor.dev/blog/2020/09/18/containing-a-real-vulnerability/CVE-2020-14386 linux提权漏洞分析 |
•Code Execution Vulnerability in Instagram App for Android and iOS
1 | https://research.checkpoint.com/2020/instagram_rce-code-execution-vulnerability-in-instagram-app-for-android-and-ios/Instagram安卓以及iOS端代码执行漏洞分析 |
•Kernel exploitation: weaponizing CVE-2020-17382 MSI Ambient Link driver
1 | https://www.matteomalvica.com/blog/2020/09/24/weaponizing-cve-2020-17382/ |
•Exploiting SIGRed (CVE-2020–1350) on Windows Server 2012/2016/2019
1 | https://medium.com/@datafarm.cybersecurity/exploiting-sigred-cve-2020-1350-on-windows-server-2012-2016-2019-80dd88594228SIGRed(CVE-2020–1350)在Windows server 2012/2016/2019中的利用 |
应用程序漏洞相关
•Local Privilege Escalation in Fortinet SSL VPN client for Linux
1 | https://www.synacktiv.com/sites/default/files/2020-09/fortinet_sslvpn_client_lpe.pdfFortinet SSL VPN linux客户端本地提权漏洞分析 |
•Pandora FMS 742: Critical Code Vulnerabilities Explained
1 | https://blog.sonarsource.com/pandora-fms-742-critical-code-vulnerabilities-explainedPandora FMS 认证前命令注入漏洞 |
•IBM QRadar Wincollect Escalation of Privilege (CVE-2020-4485 & CVE-2020-4486)
1 | https://labs.redyops.com/index.php/2020/09/11/ibm-qradar-wincollect-escalation-of-privileges-cve-2020-4485-cve-2020-4486/IBM QRadarWincollect本地提权漏洞CVE-2020-4485以及CVE-2020-4486分析 |
•uTorrent CVE-2020-8437 Vulnerability And Exploit Overview
1 | https://blog.whtaguy.com/2020/09/utorrent-cve-2020-8437-vulnerability.htmluTorrent CVE-2020-8437漏洞利用分析 |
•Java RMI for pentesters: structure, recon and communication (non-JMX Registries).
1 | https://medium.com/@afinepl/java-rmi-for-pentesters-structure-recon-and-communication-non-jmx-registries-a10d5c996a79Java RMI相关漏洞分析 |
其它
•One Part Steganography, Four Redirectors, and a Splash of C2!
1 | https://medium.com/@curtbraz/one-part-steganography-four-redirectors-and-a-splash-of-c2-e13e5a65daa9使用二维码隐藏通信流量 |
•Guy’s 30 Reverse Engineering Tips & Tricks
1 | https://blog.whtaguy.com/2020/04/guys-30-reverse-engineering-tips-tricks.html30个逆向小技巧 |
•UEFI Secure Boot Customization
1 | https://media.defense.gov/2020/Sep/15/2002497594/-1/-1/0/CTR-UEFI-SECURE-BOOT-CUSTOMIZATION-20200915.PDF/CTR-UEFI-SECURE-BOOT-CUSTOMIZATION-20200915.PDFNSA关于UEFI SecureBoot的报告 |
•BLUR attacks
1 | https://hexhive.epfl.ch/BLURtooth/CVE-2020-15802蓝牙漏洞分析 |
•How to Build a Hacking VPS
1 | https://medium.com/@robertscocca/how-to-build-a-hacking-vps-44159f1eb55c如何配置一个用来搞事情的VPS |
工具相关
•Impost3r: A linux password thief
1 | https://securityonline.info/impost3r-a-linux-password-thief/linux密码提取工具 |
•NoSQLi - A Fast NoSQL Injection Scanner
1 | https://nullsweep.com/nosqli-a-fast-nosql-injection-framework/NoSQL注入漏洞扫描器 |