每日安全动态推送(1-15)
2024-1-15 13:34:25 Author: mp.weixin.qq.com(查看原文) 阅读量:3 收藏

Tencent Security Xuanwu Lab Daily News

• ShellSweep: detect potential webshell files in a specified directory:
https://securityonline.info/shellsweep-detect-potential-webshell-files-in-a-specified-directory/

   ・ 用于检测潜在的Webshell文件。该工具利用文件内容的熵来估计文件的随机性,以帮助发现可能的恶意文件。 – SecTodayBot

• Fuzz Everything, Everywhere, All at Once:
https://media.ccc.de/v/37c3-12102-fuzz_everything_everywhere_all_at_once#t=1912

   ・ 介绍了使用AFL++和QEMU等新工具进行模糊测试的新方法。同时还展示了LibAFL和QEMU对二进制代码进行模糊测试的可扩展方法,突出了使用新的仿真器API进行规模扩展的自定义fuzzer。 – SecTodayBot

• Crafting Malicious Pluggable Authentication Modules for Persistence, Privilege Escalation, and Lateral Movement | RoseSecurity Research:
https://rosesecurityresearch.com/crafting-malicious-pluggable-authentication-modules-for-persistence-privilege-escalation-and-lateral-movement

   ・ 如何使用Pluggable Authentication Modules (PAM)来制作恶意二进制文件,用于攻击,重点是持久性,特权提升和横向移动。 – SecTodayBot

• Weaponizing Apache OFBiz CVE-2023-51467:
https://vulncheck.com/blog/ofbiz-cve-2023-51467

   ・ 详细分析了Apache OFBiz的一个新漏洞 – SecTodayBot

• GHSL-2023-266_GHSL-2023-267: Blind server-side request forgery (SSRF) vulnerabilities in Audiobookshelf - CVE-2023-51665, CVE-2023-51697:
https://securitylab.github.com/advisories/GHSL-2023-266_GHSL-2023-267_audiobookshelf/

   ・ Audiobookshelf项目存在盲SSRF漏洞,文章披露了漏洞的详细信息和POC – SecTodayBot

• Python’s Poisoned Package: Another ‘Blank Grabber’ Malware in PyPI | Imperva:
https://www.imperva.com/blog/blank-grabber-malware-in-pypi-package/

   ・ Python’s Poisoned Package – SecTodayBot

• Operation Triangulation: talk on 37С3:
https://kas.pr/4ip1

   ・ Kaspersky详细披露了针对iPhone的攻击和漏洞利用细节,包括四个零日漏洞的利用详情,以及硬件漏洞CVE-2023-38606的披露。 – SecTodayBot

• CVE-2023–50220 — Inductive Automation Ignition XML Deserialization to RCE:
https://petrusviet.medium.com/cve-2023-50220-inductive-automation-ignition-xml-deserialization-to-rce-7b395412c6cf

   ・ 介绍了Inductive Automation Ignition的漏洞,详细分析了利用XML反序列化实现远程代码执行(RCE)的根本原因 – SecTodayBot

• Hunting for SSRF Bugs in PDF Generators:
https://www.blackhillsinfosec.com/hunting-for-ssrf-bugs-in-pdf-generators/

   ・ 讨论了在PDF生成器中寻找和利用SSRF漏洞的方法,介绍了如何找到潜在攻击点以及对服务器上的潜在负载着陆的分析。 – SecTodayBot

* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


文章来源: https://mp.weixin.qq.com/s?__biz=MzA5NDYyNDI0MA==&mid=2651959498&idx=1&sn=854f605c9fde844de3b3d7b6a22e0983&chksm=8baed055bcd959438ecdf882db71dc31566b6ceedee0b2906f95fdf4a02bb52244487f389396&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh