Tencent Security Xuanwu Lab Daily News

• Linux内核常用保护和绕过技术:
http://blog.topsec.com.cn/linux%e5%86%85%e6%a0%b8%e5%b8%b8%e7%94%a8%e4%bf%9d%e6%8a%a4%e5%92%8c%e7%bb%95%e8%bf%87%e6%8a%80%e6%9c%af/

   ・ 介绍linux内核的漏洞缓解机制及绕过方法，最后解释了CVE-2022-0847的漏洞利用方法，该方法不受漏洞缓解机制的限制 – WireFish

• TangledWinExec/ReflectiveDLLInjection at main · daem0nc0re/TangledWinExec:
https://github.com/daem0nc0re/TangledWinExec/tree/main/ReflectiveDLLInjection

   ・ 用于研究windows进程执行技术的工具包 – WireFish

• 1、“左右互搏术”:
https://www.freebuf.com/articles/es/357478.html

   ・ 从攻防两个不同维度分析网络安全中双方的对抗。以Sysmon日志、ATT&CK标签日志、操作系统日志的分析实践为实例。 – WireFish

• [Tools] Writing a Debugger From Scratch - DbgRs Part 1:
https://www.timdbg.com/posts/writing-a-debugger-from-scratch-part-1/

   ・ 从零开始写一个调试器，系列之一 – WireFish

• [Tools] IoC detection experiments with ChatGPT:
https://securelist.com/ioc-detection-experiments-with-chatgpt/108756/

   ・ 使用ChatGPT对取证及攻击识别方向的一些实验，作者使用Meterpreter、PowerShell Empire 感染系统后，对产生的进程、服务行为输入到ChatGPT中，其在恶意进程识别、服务安装和加密程序检查上表现良好。 – P4nda

• [Web] Web-Hacking-Playground - Web Application With Vulnerabilities Found In Real Cases, Both In Pentests And In Bug Bounty Programs:
http://www.kitploit.com/2023/02/web-hacking-playground-web-application.html

   ・ 一个web安全的靶场应用，其中的漏洞源自真实漏洞。不过目前只有三个exploit challenge。 – Atum

• Arris Router Firmware 9.1.103 Remote Code Execution:
https://packetstormsecurity.com/files/171001

   ・ Arris Router Firmware远程代码执行漏洞(CVE-2022-45701)的漏洞利用，影响多个型号（TG2482A, TG2492, SBG10）设备。 – P4nda

• Server-side prototype pollution: Black-box detection without the DoS:
https://portswigger.net/research/server-side-prototype-pollution

   ・ 如何在不把服务端打DoS的情况下检测服务端的原型污染漏洞 – keenan

• [Linux] Rustproofing Linux (Part 3/4 Integer Overflows):
https://research.nccgroup.com/2023/02/14/rustproofing-linux-part-3-4-integer-overflows/

   ・ Rustproofing Linux (Part 3/4 Integer Overflows) – lanying37

• [Vulnerability] Breaking IBM WebSphere authentication: exploiting crypto bugs to impersonate anyone .ical 02-11, 11:00–12:00 (Europe/Amsterdam), Leonardo Da Vinci:
https://pretalx.hackerhotel.nl/hackerhotel-2023/talk/7JEEWB/

   ・ IBM WebSphere Liberty 在其轻量级第三方身份验证 (LTPA) 协议的实现中存在缺陷，攻击者可构造任意其他用户的令牌。 – keenan

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab