Analysis of Typo3 deserialization vulnerability (CVE-2019-12747) Author: mengchen@Knownsec 404 TeamDate: August 1, 2019Chinese Version: https://paper.... 2019-08-01 15:07:00 | 阅读: 195 | 收藏 | paper.seebug.org databaserow tca typo3 parsedbody php

Getting Started Tutorial--How to Explore the Camera Vulnerability (Firmware) Author: fenix@Knownsec 404 TeamDate: November 27, 2017Chinese Version: https://paper.... 2019-07-30 12:26:00 | 阅读: 169 | 收藏 | paper.seebug.org firmware chip security memory squashfs

zkSNARK 合约「输入假名」漏洞致众多混币项目爆雷 作者：p0n1@安比实验室公众号：安比实验室大量零知识证明项目由于错误地使用了某个 zkSNARKs 合约库，引入「输入假名 (Input Aliasing) 」漏洞，可... 2019-07-29 17:53:00 | 阅读: 219 | 收藏 | paper.seebug.org 假名 安全 zksnarks 漏洞 椭圆

Fastjson 流程分析及 RCE 分析 作者：Lucifaer博客：https://www.lucifaer.com/ 其实最近爆出的这个rce在去年的时候就有更新，poc在github的com... 2019-07-29 12:37:00 | 阅读: 208 | 收藏 | paper.seebug.org jsonstring deserialze parseobject

The Exploits of Xdebug in PhpStorm Author: dawu@Knownsec 404 TeamDate: August 16, 2018Chinese Version: https://paper.see... 2019-07-26 11:12:00 | 阅读: 207 | 收藏 | paper.seebug.org xdebug phpstorm security php payload

Analysis of Spring MVC Directory Traversal Vulnerability (CVE-2018-1271) Author：Badcode@Knownsec 404 Team Date: August 14, 2018 Chinese Version: https://pa... 2019-07-25 12:18:00 | 阅读: 220 | 收藏 | paper.seebug.org 255c windows mvc security

CVE-2019-11229详细分析 --git config可控-RCE 分析补丁控制 gitconfig进一步利用通过写文件配合 githook path RCE通过控制 git... 2019-07-24 11:45:00 | 阅读: 230 | 收藏 | paper.seebug.org gitea mirror 漏洞 gitproxy 2ftest

Analysis of CVE-2019-11229 -- From Git Config to RCE Author: LoRexxar'@Knownsec 404 TeamDate: July 23, 2019Chinese Version: https://paper.... 2019-07-24 11:44:00 | 阅读: 433 | 收藏 | paper.seebug.org gitea mirror security 2ftest gitproxy

Extend the Attack Surface of PHP Deserialization Vulnerability via Phar Author: Knownsec 404 TeamDate: August 23, 2018Chinese Version: https://paper.seebug.o... 2019-07-23 15:41:00 | 阅读: 196 | 收藏 | paper.seebug.org php wp wordpress attachment security

2019 年上半年高级持续性威胁（APT）研究报告 作者：腾讯安全御见威胁情报中心来源：https://s.tencent.com/research/report/762.html腾讯安全御见威胁情报中心根据团队自己的研究... 2019-07-23 12:49:00 | 阅读: 221 | 收藏 | paper.seebug.org 攻击 安全 威胁 网络 中国

Patch and Analysis of the Joomla Vulnerability Author：LoRexxar'@Knownsec 404 Team Date: Feburary 7, 2018 Chinese Version: https:/... 2019-07-22 16:09:00 | 阅读: 171 | 收藏 | paper.seebug.org joomla security php hathor analysis

Analysis of Weblogic Deserialization Vulnerability (CVE-2018-2628) Author：Badcode@Knownsec 404 Team Date: April 25, 2018 Chinese Version: https://pap... 2019-07-19 16:26:00 | 阅读: 177 | 收藏 | paper.seebug.org weblogic payload security blacklist activator

Analysis of the Security Issues of URL Scheme in PC from CVE-2018-8495 Author: 0x7F@Knownsec 404 TeamDate: October 18, 2018Chinese Version: https://paper.se... 2019-07-18 18:29:00 | 阅读: 173 | 收藏 | paper.seebug.org security windows microsoft injection seebug

Analysis of GPON Home Gateway Remote Command Execution Vulnerability Author：dawu@Knownsec 404 Team Date: May 4, 2018 Chinese Version: https://paper.see... 2019-07-18 17:21:00 | 阅读: 194 | 收藏 | paper.seebug.org security goahead seebug webmgr gponform

Analysis of Front-End SSRF in Discuz x3.4 Author: LoRexxar'@Knownsec 404 TeamDate: December 7, 2018Chinese Version: https://pap... 2019-07-17 14:45:00 | 阅读: 175 | 收藏 | paper.seebug.org security php ssrf knownsec seebug

CVE-2019-11581 Atlassian Jira未授权模板注入漏洞分析 环境搭建第一部分：注入代码并生成邮件第二部分：发送邮件思考参考... 2019-07-17 11:57:00 | 阅读: 219 | 收藏 | paper.seebug.org payload velocity asplaintext atlassian atlas

Analysis of Git Submodule Vulnerability (CVE-2018-17456) Author：Hcamael@Knownsec 404 Team Date: October 15, 2018 Chinese Version: https://p... 2019-07-16 15:17:00 | 阅读: 164 | 收藏 | paper.seebug.org submodule test1 evilrepo test2 github

Analysis of Thinkphp5 Remote Code Execution Vulnerability Author: Knownsec 404 TeamDate: December 19, 2018Chinese Version: https://paper.seebug... 2019-07-15 17:50:00 | 阅读: 213 | 收藏 | paper.seebug.org thinkphp php security payload knownsec

Lucky Ransomware Analysis and File Decryption Author：Hcamael & 0x7F@Knownsec 404 Team Date: December 4, 2018 Chinese Version: ht... 2019-07-12 16:51:00 | 阅读: 202 | 收藏 | paper.seebug.org ransomware lucky encryption knownsec security

利用 Node.js 反序列化漏洞远程执行代码 tl;dr漏洞详情构建 Payload进一步利用总结补充内容（译者注）： 原文链接：Exploiting... 2019-07-12 16:17:02 | 阅读: 257 | 收藏 | paper.seebug.org 漏洞 unserialize 模块 iife payload