• ShellSweep: detect potential webshell files in a specified directory:
https://securityonline.info/shellsweep-detect-potential-webshell-files-in-a-specified-directory/
・ 用于检测潜在的Webshell文件。该工具利用文件内容的熵来估计文件的随机性,以帮助发现可能的恶意文件。
– SecTodayBot
• Fuzz Everything, Everywhere, All at Once:
https://media.ccc.de/v/37c3-12102-fuzz_everything_everywhere_all_at_once#t=1912
・ 介绍了使用AFL++和QEMU等新工具进行模糊测试的新方法。同时还展示了LibAFL和QEMU对二进制代码进行模糊测试的可扩展方法,突出了使用新的仿真器API进行规模扩展的自定义fuzzer。
– SecTodayBot
• Crafting Malicious Pluggable Authentication Modules for Persistence, Privilege Escalation, and Lateral Movement | RoseSecurity Research:
https://rosesecurityresearch.com/crafting-malicious-pluggable-authentication-modules-for-persistence-privilege-escalation-and-lateral-movement
・ 如何使用Pluggable Authentication Modules (PAM)来制作恶意二进制文件,用于攻击,重点是持久性,特权提升和横向移动。
– SecTodayBot
• Weaponizing Apache OFBiz CVE-2023-51467:
https://vulncheck.com/blog/ofbiz-cve-2023-51467
・ 详细分析了Apache OFBiz的一个新漏洞
– SecTodayBot
• GHSL-2023-266_GHSL-2023-267: Blind server-side request forgery (SSRF) vulnerabilities in Audiobookshelf - CVE-2023-51665, CVE-2023-51697:
https://securitylab.github.com/advisories/GHSL-2023-266_GHSL-2023-267_audiobookshelf/
・ Audiobookshelf项目存在盲SSRF漏洞,文章披露了漏洞的详细信息和POC
– SecTodayBot
• Python’s Poisoned Package: Another ‘Blank Grabber’ Malware in PyPI | Imperva:
https://www.imperva.com/blog/blank-grabber-malware-in-pypi-package/
・ Python’s Poisoned Package
– SecTodayBot
• Operation Triangulation: talk on 37С3:
https://kas.pr/4ip1
・ Kaspersky详细披露了针对iPhone的攻击和漏洞利用细节,包括四个零日漏洞的利用详情,以及硬件漏洞CVE-2023-38606的披露。
– SecTodayBot
• CVE-2023–50220 — Inductive Automation Ignition XML Deserialization to RCE:
https://petrusviet.medium.com/cve-2023-50220-inductive-automation-ignition-xml-deserialization-to-rce-7b395412c6cf
・ 介绍了Inductive Automation Ignition的漏洞,详细分析了利用XML反序列化实现远程代码执行(RCE)的根本原因
– SecTodayBot
• Hunting for SSRF Bugs in PDF Generators:
https://www.blackhillsinfosec.com/hunting-for-ssrf-bugs-in-pdf-generators/
・ 讨论了在PDF生成器中寻找和利用SSRF漏洞的方法,介绍了如何找到潜在攻击点以及对服务器上的潜在负载着陆的分析。
– SecTodayBot
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab