SecWiki周刊（第213期)

SecWiki周刊（第213期）

2018/03/26-2018/04/01

安全资讯

[人物] 从抄书到开源之巅：章亦春的程序人生
https://mp.weixin.qq.com/s/moyoJd1EnNziRPQgHbNXRw

[新闻] 2018 RSA 相关信息梳理
https://mp.weixin.qq.com/s/cH6_AWMXRNOoAm_lruF7SQ

[新闻] WebRTC bug 泄漏 VPN 用户的真实 IP
https://www.solidot.org/story?sid=55977&from=timeline

[新闻] NSF3000万美元推动计算和信息科学领域前沿变革研究
https://mp.weixin.qq.com/s/WQ1JKpiYhe9-jb0RPsScIA

安全技术

[Web安全] 代码审计之LaySNS_v2.2.0漏洞分析
https://mp.weixin.qq.com/s?__biz=MzA3NzE2MjgwMg==&mid=2448903626&idx=1&sn=633702a8d7330bafd3558c1652c07daa&chksm=8b55dd97bc22548146659e311628a42c8c006e8c595b483eecadc29e940f616ebb2269226a85&mpshare=1&scene=23&srcid=0328qev4vUCTZwDa55NSnIUt#rd

[Web安全] MSSQL Error-Based SQL Injection Order by clause
https://github.com/incredibleindishell/exploit-code-by-me/blob/master/MSSQL%20Error-Based%20SQL%20Injection%20Order%20by%20clause/Error%20based%20SQL%20Injection%20in%20%E2%80%9COrder%20By%E2%80%9D%20clause%20(MSSQL).pdf

[设备安全] 7块钱的BadUSB
https://mp.weixin.qq.com/s/mIcRNcf5HmZ4axe8N92S7Q

[Web安全] 利用最新Apache解析漏洞（CVE-2017-15715）绕过上传黑名单
https://www.leavesongs.com/PENETRATION/apache-cve-2017-15715-vulnerability.html

[Web安全] SpringBoot应用监控Actuator使用的安全隐患
https://xz.aliyun.com/t/2233

[会议] Black Hat Asia 2018 slides
https://www.blackhat.com/asia-18/briefings.html

[Web安全] Exploiting Browser Extensions & Context Menus
https://harleo.me/blog/exploiting-browser-extensions-context-menus

[运维安全] 宜信漏洞管理平台-洞察
https://mp.weixin.qq.com/s/24V5nJ47ZyAAYTU78mjgvg

[Web安全] Cowrie Honeypot Analysis
https://hackertarget.com/cowrie-honeypot-analysis-24hrs/

[移动安全] Adhrit：open source Android APK reversing and analysis tool
https://github.com/abhi-r3v0/Adhrit/

[比赛] 强网杯出题思路-solid_core-HijackPrctl
https://bbs.pediy.com/thread-225488.htm

[漏洞分析] 今日头条与木马
http://tech.sina.com.cn/csj/2018-03-31/doc-ifysukft3959182.shtml

[恶意分析] 摩诃草APT组织针对我国敏感机构最新的网络攻击活动分析
https://mp.weixin.qq.com/s/hJvDqIuBZgd2_xua4suy0w

[移动安全] Android Studio 3.0.1 编写 Xposed 插件入门记录
https://zhuanlan.zhihu.com/p/35003478

[恶意分析] 8291端口告警事件简报
http://blog.netlab.360.com/quick-summary-port-8291-scan-cn/

[恶意分析] Powershell+dnscat2实现DNS隐蔽隧道反弹Shell，和检测方法
https://mp.weixin.qq.com/s/5mDhzuGC2WEc8bdIjRg94w

[比赛] 第二届强网杯Web Writeup
http://www.cnblogs.com/iamstudy/articles/2th_qiangwangbei_ctf_writeup.html

[运维安全] DBScanner: 自动扫描内网常数据库脚本未授权访问及常规弱口令检测
https://github.com/se55i0n/DBScanner

[数据挖掘] 通俗、有逻辑的写一篇说下Xgboost的原理
https://blog.csdn.net/github_38414650/article/details/76061893

[Web安全] GitStack <= 2.3.10 远程命令执行漏洞分析-CVE-2018-5955
https://xz.aliyun.com/t/2235

[比赛] 强网杯“彩蛋”—Shiro 1.2.4(SHIRO-550)漏洞之发散性思考
https://blog.zsxsoft.com/post/35

[运维安全] The phenomenon of smart contract honeypots
https://medium.com/@gerhard.wagner/the-phenomena-of-smart-contract-honeypots-755c1f943f7b

[数据挖掘] 基于概念知识图谱的短文本理解
https://mp.weixin.qq.com/s/avf72hYVq4WBJ63G6wlORA

[比赛] 第二届强网杯Web Writeup
https://www.anquanke.com/post/id/103213

[Web安全] 渗透测试入门
https://bbs.ichunqiu.com/thread-36498-1-1.html?from=sec

[漏洞分析] Exploiting Jolokia Agent with Java EE Servers
https://mp.weixin.qq.com/s/blpFK0oigTGtI_eVJxEL0w

[Web安全] MIPCMS V3.1.0 远程写入配置文件Getshell过程分析(附批量getshell脚本)
https://bbs.ichunqiu.com/thread-36511-1-1.html?from=sec

[文档] following the trace of WMI Backdoors & other nastiness
https://www.eideon.com/2018-03-02-THL03-WMIBackdoors/

[编程技术] 记一次爬虫批量爬取exp
https://mp.weixin.qq.com/s?__biz=MzI5NTQ5MTAzMA==&mid=2247483860&idx=1&sn=c773f70165f5a48be62acdf8e0217f2d&chksm=ec53856ddb240c7b372d85c3912456b236f9b37e399e30c687b4596892cf5c399ef4ea9aeb18&scene=38#wechat_redirect

[比赛] QWB-2018 Web partial solutions
https://mp.weixin.qq.com/s/xEBr7JxbSTt11oiBsgc3uw

[设备安全] Threat Landscape for Industrial Automation Systems in H2 2017
https://ics-cert.kaspersky.com/reports/2018/03/26/threat-landscape-for-industrial-automation-systems-in-h2-2017/

[观点] 第二届强网杯中应用的一种反作弊新思路
http://www.freebuf.com/column/166714.html

[运维安全] 饿了么在ELasticsearch自动化运维平台和监控平台的应用实践
https://elasticsearch.cn/slides/109?

[文档] uefi-ninja
https://lightbulbone.com/posts/2018/03/uefi-ninja/

[漏洞分析] 逆向分析以太坊智能合约
https://www.anquanke.com/post/id/101979

[文档] Binary學習終極指南
https://diabolo94.github.io/2017/12/10/utimatebinary/

[Web安全] 密码破解全能工具：Hashcat密码破解攻略
http://www.freebuf.com/sectool/164507.html

[漏洞分析] PS4 4.55 BPF Race Condition Kernel Exploit Writeup
https://github.com/Cryptogenic/Exploit-Writeups/blob/master/FreeBSD/PS4%204.55%20BPF%20Race%20Condition%20Kernel%20Exploit%20Writeup.md

[漏洞分析] Breaking the unbreakable voting machine! Bluefrost Ekoparty Stack Overflow Chall
https://medium.com/@alex91ar/breaking-the-unbreakable-voting-machine-bluefrost-ekoparty-stack-overflow-challenge-1d6f4a255efe

[编程技术] PHP-FPM源码分析
https://github.com/owenliang/php-fpm-code-analysis

[Web安全] #BugBounty — Rewarded by securing vulnerabilities in Bookmyshow (India’s largest
https://medium.com/@logicbomb_1/bugbounty-rewarded-by-securing-vulnerabilities-in-bookmyshow-indias-largest-online-movie-bb81dba9b82

[Web安全] Python is the best language-Writeup
https://xianzhi.aliyun.com/forum/topic/2219

[恶意分析] Exploit kits: Winter 2018 review
https://blog.malwarebytes.com/threat-analysis/2018/03/exploit-kits-winter-2018-review/

[取证分析] Exploring the opportunities and limitations of Threat Intelligence Platforms
https://www.enisa.europa.eu/publications/exploring-the-opportunities-and-limitations-of-current-threat-intelligence-platforms

[Web安全] Amazon's AWS Misconfiguration: Arbitrary Files Upload in Amazon Go
https://rhinosecuritylabs.com/aws/amazon-aws-misconfiguration-amazon-go/

[运维安全] basics-of-tracking-wmi-activity
https://www.darkoperator.com/blog/2017/10/14/basics-of-tracking-wmi-activity

[移动安全] Prevent bypassing of SSL certificate pinning in iOS applications
https://www.guardsquare.com/en/blog/iOS-SSL-certificate-pinning-bypassing

[Web安全] Jolokia JNDI Injection&XXE Vulnerability分析复现
http://www.polaris-lab.com/index.php/archives/493/

[漏洞分析] 你必须了解的漏洞利用缓解及对抗技术
https://zhuanlan.zhihu.com/p/24489276

[Web安全] #BugBounty — API keys leakage, Source code disclosure in India’s largest e-comme
https://medium.com/bugbountywriteup/bugbounty-api-keys-leakage-source-code-disclosure-in-indias-largest-e-commerce-health-care-c75967392c7e

[Web安全] ezXSS：一款功能强大的XSS盲测工具
http://www.freebuf.com/sectool/165289.html

[设备安全] IoTInfographic
https://github.com/Xipiter/IoTInfographic

[Web安全] 攻防组网之----MikroTik软路由的配置和FUZZ
https://bbs.ichunqiu.com/thread-36817-1-1.html?from=sec

[设备安全] BLE安全入门及实战
https://sec.xiaomi.com/article?id=14

[漏洞分析] Attack seam framework
https://xz.aliyun.com/t/2230

[杂志] SecWiki周刊（第212期)
https://www.sec-wiki.com/weekly/212

[移动安全] Android 4.4 - Android 7.1 APP Vulnerability Benchmarks
https://bitbucket.org/secure-it-i/android-app-vulnerability-benchmarks/src/master/

[文档] Cisco2018年度网络安全报告（ACR）R11
http://branden.biz/wp-content/uploads/2018/03/11.-Cisco-2018-Annual-Cybersecurity-Report.pdf

[观点] 初探下一代SIEM核心技术发展趋势
https://www.sec-un.org/%e5%88%9d%e6%8e%a2%e4%b8%8b%e4%b8%80%e4%bb%a3siem%e6%a0%b8%e5%bf%83%e6%8a%80%e6%9c%af%e5%8f%91%e5%b1%95%e8%b6%8b%e5%8a%bf/

[漏洞分析] 容器镜像安全概述
http://blog.nsfocus.net/docker-mirror-security/

[运维安全] Quickpost: Using Suricata on Windows
https://blog.didierstevens.com/2018/03/27/quickpost-using-suricata-on-windows/

[取证分析] YARA Rules for Finding and Analyzing in InfoSec
https://www.alienvault.com/blogs/security-essentials/yara-rules-for-finding-and-analyzing-in-infosec

[Web安全] Tools to gather subdomains from Bug Bounty programs
https://github.com/bonkc/BugBountySubdomains

[Web安全] 代码审计之QYKCMS后台任意文件上传、任意文件读取漏洞
https://mp.weixin.qq.com/s?__biz=MzA3NzE2MjgwMg==&mid=2448903645&idx=1&sn=bd058d8d8b35bcbe228590b287a668ca&chksm=8b55dd80bc22549695d5b1853835c608f2b7c8803dd1af5f39369adea6075d947225e1ffa38a&mpshare=1&scene=23&srcid=0331OXFL35OcYMseHFsBVUKQ#rd

[工具] CryptoPot：Simple cryptocurrency mining honeypot
https://github.com/omergunal/CryptoPot

[Web安全] 老司机带你过常规WAF
https://www.anquanke.com/post/id/102852

[Web安全] Awesome XSS stuff
https://github.com/UltimateHackers/AwesomeXSS

[运维安全] 浅谈Linux系统MongoDB安全配置
https://mp.weixin.qq.com/s/j5NFI8oX-BC5waxLOl58aQ

[工具] ScrapedIn：A tool to scrape LinkedIn without API restrictions for data reconnaiss
https://github.com/dchrastil/ScrapedIn

[Web安全] Joomla内核SQL注入漏洞（CVE-2018-8045）分析
http://blog.nsfocus.net/cve-2018-804-analysis/

[恶意分析] Who and What Is Coinhive?
https://krebsonsecurity.com/2018/03/who-and-what-is-coinhive/

[恶意分析] 腾讯2017年度传销态势感知白皮书
https://slab.qq.com/news/authority/1745.html

[Web安全] 利用插件对Chrome进行UXSS
https://mp.weixin.qq.com/s/2uYgr1hNbP_lUBYVREM6vg

[Web安全] 客户端 session 导致的安全问题
https://www.leavesongs.com/PENETRATION/client-session-security.html

[漏洞分析] Open XML标签解析类漏洞分析思路
https://www.anquanke.com/post/id/103080

[取证分析] Signature Based Detection of User Events for PostMortem Forensic Analysis
https://arxiv.org/ftp/arxiv/papers/1302/1302.2395.pdf

[Web安全] JBoss引起的内网渗透-3
http://rcoil.me/2018/03/JBoss%E5%BC%95%E8%B5%B7%E7%9A%84%E5%86%85%E7%BD%91%E6%B8%97%E9%80%8F-3/

[Web安全] Exploiting Facebook data for stealing your friends’ digital identities
https://medium.com/bugbountywriteup/exploiting-facebook-data-for-stealing-your-friends-digital-identities-68511ec2d21d

[Web安全] Multi-stage Powershell script (Brownies)
https://dissectmalware.wordpress.com/2018/03/28/multi-stage-powershell-script/

[其它] Zeppelin Augur Core Audit v1.0.0
https://docs.google.com/document/d/1saSVpT2Ixd58q-DZlTtzfkNizuTTE4yVoGuWz_AatZM/edit

[工具] Go-deliver is a payload delivery tool coded in Go.
https://github.com/0x09AL/go-deliver

[工具] How BloodHound's Session Collection Works
https://www.youtube.com/watch?v=q86VgM2Tafc

[Web安全] 利用恶意页面攻击本地Xdebug
https://xlab.tencent.com/cn/2018/03/30/pwn-local-xdebug/

[工具] Exploring Cobalt Strike's ExternalC2 framework
https://blog.xpnsec.com/exploring-cobalt-strikes-externalc2-framework/

安全专题

APP安全在线检测系统
https://www.sec-wiki.com/topic/82

-----微信ID：SecWiki-----
SecWiki，13年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第213期)

SecWiki周刊（第213期）

最新公告

友情链接

SecWiki公众号

安全学术圈