Daily Security News Push (11-29)
2023-11-29 12:3:27 Author: mp.weixin.qq.com

Tencent Security Xuanwu Lab Daily News

• CVE-2023-49145: Apache NiFi: Improper Neutralization of Input in Advanced User Interface for Jolt:
https://seclists.org/oss-sec/2023/q4/240

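   ・ Apache NiFi versions 0.7.0 through 1.23.2 contain a DOM-based cross-site scripting vulnerability; an attacker can execute arbitrary JavaScript code in an authenticated user's session through a crafted URL. – SecTodayBot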

• A Deep Dive into our Storage Layout Extractor:
https://blog.smlxl.io/a-deep-dive-into-our-storage-layout-extractor-51554185d8af

   ・ Shares how to build a tool that recovers the storage layout of solc-compiled contracts without the source code. – SecTodayBot

• A Look at IPStorm - Cross-Platform Malware Written in Go:
https://maldbg.com/ipstorm-golang-malware-windows

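   ・ The article covers the file details and main capabilities of the IPStorm trojan, including antivirus evasion, installation and persistence, and use of PowerShell. – SecTodayBot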

• ArchitectureSpecificsMemo:
https://wiki.debian.org/ArchitectureSpecificsMemo

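   ・ This article mainly covers specific details of the architectures in the Debian project, including alignment, floating point, C/C++ preprocessor symbols, and signedness, and provides ways to obtain this information. – SecTodayBot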

• Re: CVE-2023-34059 - File Descriptor Hijack vulnerability in open-vm-tools:
https://seclists.org/oss-sec/2023/q4/236

   ・ A file descriptor hijack vulnerability was found in open-vm-tools. – SecTodayBot

• ShellcodeStdio:
https://winternl.com/shellcodestdio/

   ・ Write optimized, position-independent x86 and x64 shellcode using the ShellcodeStdio framework. – SecTodayBot

• Writing a Debugger From Scratch - DbgRs Part 3 - Reading Memory:
https://www.timdbg.com/posts/writing-a-debugger-from-scratch-part-3/

   ・ A tutorial on learning to write a debugger. – SecTodayBot

* To view or search past pushes, visit:
https://sec.today

* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab


Article source: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959440&idx=1&sn=e5603169a26695bf87a74cccf1f79496&chksm=8baed00fbcd959197111ae703b1d5fb55dbaa569a967298fa578a5417f9a161b417f7761f125&scene=58&subscene=0#rd