(Repost) Weekly Security Knowledge Digest, 2020.10.12-10.18
Reposted from
Browser vulnerabilities
•DOS2RCE: A New Technique to Exploit V8 NULL Pointer Dereference Bug
https://blog.br0vvnn.io/pages/blogpost.aspx?id=1&ln=0
Vulnerability discovery
•Fuzzing Python packages in 5 min using pythonfuzz
https://academy.fuzzinglabs.com/fuzzing-python-packages-5-min-pythonfuzz
•Introduction to Go fuzzing: fuzz your first project in a few minutes
https://www.youtube.com/watch?v=pA4E8rvQGmY
IoT vulnerabilities
•From Zero to main(): Demystifying Firmware Linker Scripts
https://interrupt.memfault.com/blog/how-to-write-linker-scripts-for-firmware
•Analysis & Exploitation of a Recent TP-Link Archer A7 Vulnerability
https://starlabs.sg/blog/2020/10/analysis-exploitation-of-a-recent-tp-link-archer-a7-vulnerability/
Virtualization escape vulnerabilities
•Dockerfile Security Best Practices
https://cloudberry.engineering/article/dockerfile-security-best-practices/
CTF
•File Stream Oriented Programming: SECCON CTF 2020 - lazynote
https://faraz.faith/2020-10-13-FSOP-lazynote/
Operating system vulnerabilities
•Acronis backup software contains multiple privilege escalation vulnerabilities
https://www.kb.cert.org/vuls/id/114757
•CVE-2020-16898: “Bad Neighbor”
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/cve-2020-16898-bad-neighbor/
•CVE-2020-16952
https://attackerkb.com/topics/4yGC4tLK2x/cve-2020-16952
https://srcincite.io/pocs/cve-2020-16952.py.txt
•CVE-2020-12928 Exploit Proof-of-Concept, Privilege Escalation in AMD Ryzen Master AMDRyzenMasterDriver.sys
https://h0mbre.github.io/RyzenMaster_CVE/#
•Exploiting Uses of Uninitialized Stack Variables in Linux Kernels to Leak Kernel Pointers
https://www.youtube.com/watch?v=uI377m9S0qs
•Beware the Bad Neighbor: Analysis and PoC of the Windows IPv6 Router Advertisement Vulnerability (CVE-2020-16898)
https://blog.quarkslab.com/beware-the-bad-neighbor-analysis-and-poc-of-the-windows-ipv6-router-advertisement-vulnerability-cve-2020-16898.html
•Introducing Edge Vulnerability Research
https://microsoftedge.github.io/edgevr/posts/Introducing-Edge-Vulnerability-Research/
Application vulnerabilities
•Exploiting CVE-2020–25213: wp-file-manager wordpress plugin (<6.9) for unauthenticated arbitrary file upload
https://medium.com/@mansoorr/exploiting-cve-2020-25213-wp-file-manager-wordpress-plugin-6-9-3f79241f0cd8
•Bypassing Trend Micro Web Threat Protection via Punycode
https://www.inputzero.io/2020/08/bypass-trend-micro-web-threat-protection.html
•Attackers Abuse MobileIron’s RCE to deliver Kaiten
https://www.blackarrow.net/attackers-abuse-mobileirons-rce-to-deliver-kaiten/
•403 to RCE in XAMPP
https://www.securifera.com/blog/2020/10/13/403-to-rce-in-xampp/
•CVE-2020-16947
https://github.com/0neb1n/CVE-2020-16947
Tools
•Getting started with Datalog & Rust for program analysis
https://hexgolems.com/2020/10/getting-started-with-ddlog/
Other
•In Process Execute Assembly and Mail Slots
https://teamhydra.blog/2020/10/12/in-process-execute-assembly-and-mail-slots/
•XBALTI Phishing Scam
https://blog.medarkus.net/2020/10/11/XBALTI-Kit.html
•HTML to PDF converters, can I hack them?
https://sidechannel.tempestsi.com/html-to-pdf-converters-can-i-hack-them-a681cfee0903
•The State of Exploit Development: 80% of Exploits Publish Faster than CVEs
https://unit42.paloaltonetworks.com/state-of-exploit-development/