SecWiki周刊（第217期)

SecWiki周刊（第217期）

2018/04/23-2018/04/29

安全资讯

[新闻] 公安部关于印发《网络安全等级保护测评机构管理办法》的通知
https://mp.weixin.qq.com/s/HVPSSB_QtWle7GjJhJT_Ww

[恶意分析] 恶意软件分析之—勒索即服务(Raas)
http://www.4hou.com/typ/11186.html

[取证分析] ThaiCERT Seizes Hidden Cobra Server Linked to GhostSecret, Sony Attacks
https://threatpost.com/thaicert-seizes-hidden-cobra-server-linked-to-ghostsecret-sony-attacks/131498/

[会议] XKungfoo 2018精彩回顾-Day1
http://www.4hou.com/xactivity/11228.html

[会议] XKungfoo 2018精彩回顾-Day2
http://www.4hou.com/xactivity/11242.html

[新闻] 外卖送餐信息被指在网上售卖
http://www.bjnews.com.cn/inside/2018/04/23/484211.html

[新闻] 黑客组织 Orangeworm 针对全球医疗保健行业发起间谍活动
https://mp.weixin.qq.com/s/DhQAdkeXRW-22UPgB5iR6A

安全技术

[Web安全] 记Discuz!的一个绕过技巧
https://secvul.com/topics/1165.html

[漏洞分析] Fireline: 360发布的一款免费静态代码分析工具
http://magic.360.cn/zh/article_zh.html

[恶意分析] 记某司Linux服务器入侵事件
https://secvul.com/topics/1142.html

[Web安全] 一次特殊场景下的鸡肋XSS
https://secvul.com/topics/1159.html

[漏洞分析] Infer：Facebook开源的一个静态分析工具
https://infer.liaohuqiu.net/

[运维安全] 金融企业网络安全应急响应之基础篇
https://mp.weixin.qq.com/s/Ug2vImj8wB1_kbXLGUmouQ

[取证分析] Gitmails: An information gathering tool to colect git commit emails
https://github.com/giovanifss/Gitmails

[恶意分析] 从 CVE-2016-0165 说起：分析、利用和检测（上）
https://xiaodaozhi.com/exploit/32.html

[会议] 2018首席安全官（CSO）国际高峰论坛（干货PPT下载）
https://www.anquanke.com/post/id/106707

[漏洞分析] Jira-Scan: CVE-2017-9506 POC
https://github.com/random-robbie/Jira-Scan

[移动安全] Frida-Python-Binding：Easy to use Frida python binding script
https://github.com/Mind0xP/Frida-Python-Binding

[运维安全] Windows security audit events
https://www.microsoft.com/en-us/download/details.aspx?id=50034

[编程技术] picojs：A face detection library in 200 lines of JavaScript
https://github.com/tehnokv/picojs

[恶意分析] Loading Kernel Shellcode
https://www.fireeye.com/blog/threat-research/2018/04/loading-kernel-shellcode.html

[比赛] 格式化字符串hijack retaddr及三个白帽-pwnme_k0 writeup
https://www.anquanke.com/post/id/105989

[比赛] 渗透测试实战-BlackMarket靶机入侵
https://www.anquanke.com/post/id/106855

[设备安全] First glance on OS VRP by Huawei
https://embedi.com/blog/first-glance-on-os-vrp-by-huawei/

[恶意分析] TPLINK TLWR740N ROUTER REMOTE CODE EXECUTION
https://www.fidusinfosec.com/a-curious-case-of-code-reuse-tplink-cve-2017-13772-v2

[漏洞分析] Go语言任意代码执行漏洞 CVE-2018-6574
http://blog.nsfocus.net/cve-2018-6574/

[漏洞分析] 谈escapeshellarg绕过与参数注入漏洞
https://www.leavesongs.com/PENETRATION/escapeshellarg-and-parameter-injection.html

[运维安全] DB_BaseLine: 数据库基线检查工具
https://github.com/wstart/DB_BaseLine

[移动安全] Android Applications Reversing 101
https://www.evilsocket.net/2017/04/27/Android-Applications-Reversing-101/

[恶意分析] Uncovering Unknown Threats With Human-Readable Machine Learning
https://blog.trendmicro.com/trendlabs-security-intelligence/uncovering-unknown-threats-with-human-readable-machine-learning/

[Web安全] cheetah-gui:基于字典的webshell密码爆破工具
https://github.com/sunnyelf/cheetah-gui/blob/master/README_zh.md

[Web安全] TrunPortForward: Web管理的、多节点、多端口、高度自定义定向转发工具
https://github.com/cytvictor/TrunPortForward

[Web安全] 听说你内网渗透遇到困难？—MSF的NAT映射技巧
https://bbs.ichunqiu.com/thread-39238-1-1.html?from=sec

[恶意分析] 从 CVE-2016-0165 说起：分析、利用和检测（中）
https://xiaodaozhi.com/exploit/42.html

[工具] TDL：Driver loader for bypassing Windows x64 Driver Signature Enforcement
https://github.com/hfiref0x/TDL

[Web安全] 读取型CSRF-需要交互的内容劫持
https://bbs.ichunqiu.com/thread-36314-1-1.html

[恶意分析] 从 CVE-2016-0165 说起：分析、利用和检测（下）
https://xiaodaozhi.com/exploit/56.html

[漏洞分析] Drupal CVE-2018-7600 漏洞利用和攻击
https://xz.aliyun.com/t/2312

[Web安全] Hash Finder 在线查询工具(支持多种类型)
http://finder.insidepro.team/

[数据挖掘] 第二届阿里云安全算法挑战赛 MJ_3DSUN 队解题方法
https://github.com/frank6696/tianchi-aliyun-security-competition

[漏洞分析] ssrf漏洞学习与利用
http://www.zerokeeper.com/web-security/ssrf-vulnerability-learning-and-utilization.html

[取证分析] STIX 2.0 示例剖析
https://mp.weixin.qq.com/s/B88yOz9UWRm5WhWY6zAyUA

[Web安全] 代码审计之任意文件读取漏洞实例
https://mp.weixin.qq.com/s/JG1PuHXvtt9sXM1r26uQ9g

[工具] windows10_ntfs_crash_dos：PoC for a NTFS crash that I discovered, in various Wind
https://github.com/mtivadar/windows10_ntfs_crash_dos

[Web安全] 利用文件包含漏洞和图片一句话getshell
https://xz.aliyun.com/t/2311

[漏洞分析] A bunch of Red Pills: VMware Escapes
https://keenlab.tencent.com/en/2018/04/23/A-bunch-of-Red-Pills-VMware-Escapes/

[运维安全] 用Apache mod_rewrite来保护你的Empire C2
https://www.anquanke.com/post/id/104784

[运维安全] 金融企业网络安全应急响应之技术篇
https://mp.weixin.qq.com/s/W3_klh02SsMrRyH3UcYGNw

[漏洞分析] HooToo TripMate Routers are Cute But Insecure
http://blog.ioactive.com/2018/04/hootoo-tripmate-routers-are-cute-but.html

[漏洞分析] Google Inbox spoofing vulnerability
https://eligrey.com/blog/google-inbox-spoofing-vulnerability/

[恶意分析] GravityRAT - The Two-Year Evolution Of An APT Targeting India
https://blog.talosintelligence.com/2018/04/gravityrat-two-year-evolution-of-apt.html

[漏洞分析] ShofEL2, a Tegra X1 and Nintendo Switch exploit
https://fail0verflow.com/blog/2018/shofel2/

[恶意分析] APT团伙（APT-C-01）新利用漏洞样本分析及关联挖掘
https://mp.weixin.qq.com/s/Rj0diLq9w6qiyQSA-CJHGQ

[漏洞分析] Electron远程命令执行漏洞(CVE-2018-1000006)
http://www.zerokeeper.com/vul-analysis/electron-remote-command-execution-vulnerability-cve20181000006.html

[Web安全] PentesterLab新手教程（二）：XML注入
http://www.freebuf.com/sectool/169122.html

[工具] HackBox is the combination of awesome techniques.
https://github.com/samhaxr/hackbox

[Web安全] 关于Powershell对抗安全软件
https://micropoor.blogspot.jp/2018/04/powershell.html

[数据挖掘] 机器学习之垃圾信息过滤
http://www.freebuf.com/articles/network/168850.html

[文档] establishing-a-baseline-for-remote-desktop-protocol
https://www.fireeye.com/blog/threat-research/2018/04/establishing-a-baseline-for-remote-desktop-protocol.html

[Web安全] DOM Based Cross-Site Scripting in Google VRView library
http://blog.mindedsecurity.com/2018/04/dom-based-cross-site-scripting-in.html

[Web安全] Exploiting misconfigured CORS Null Origin
https://www.soffensive.com/2018/04/exploiting-misconfigured-cors-null.html

[比赛] 429线下赛write-up
http://momomoxiaoxi.com/2018/04/27/4292018/

[移动安全] Bypassing Android Anti-Emulation, Part (I)
http://www.juanurs.com/Bypassing-Android-Anti-Emulation-Part-I/

[恶意分析] Debugging Windows Services For Malware Analysis / Reverse Engineering
https://secrary.com/Random/WindowsServiceDebugging/

[Web安全] Stored XSS in Yahoo!
https://steemit.com/bugbounty/@theshahzada/stored-xss-in-yahoo

[恶意分析] Summary of APT33 MD5
https://pastebin.com/uGUF4SHJ

[设备安全] 智能汽车安全研究报告
https://www.computest.nl/wp-content/uploads/2018/04/connected-car-rapport.pdf

[Web安全] Subdomain enumeration
http://10degres.net/subdomain-enumeration/

[移动安全] Bypassing Android Anti-Emulation, Part (III)
http://www.juanurs.com/Bypassing-Android-Anti-Emulation-Part-III/

[Web安全] Linkedin Autofill Vulnerability
https://amisafe.secops.in/linkedin-autofill-vulnerability/

[恶意分析] Energetic Bear/Crouching Yeti: attacks on servers
https://securelist.com/energetic-bear-crouching-yeti/85345/

[移动安全] Bypassing Android Anti-Emulation, Part (II)
http://www.juanurs.com/Bypassing-Android-Anti-Emulation-Part-II/

[漏洞分析] 一行代码蒸发了¥6,447,277,680 人民币！
https://zhuanlan.zhihu.com/p/35989258

[运维安全] Endpoint Isolation with the Windows Firewall
https://medium.com/@cryps1s/endpoint-isolation-with-the-windows-firewall-462a795f4cfb

[漏洞分析] 批量扫描智能合约中的整数溢出问题
http://5alt.me/2018/04/%E6%89%B9%E9%87%8F%E6%89%AB%E6%8F%8F%E6%99%BA%E8%83%BD%E5%90%88%E7%BA%A6%E4%B8%AD%E7%9A%84%E6%95%B4%E6%95%B0%E6%BA%A2%E5%87%BA%E9%97%AE%E9%A2%98/

[Web安全] 基于Service Worker 的XSS攻击面拓展
https://lorexxar.cn/2018/04/20/SW-xss/

[恶意分析] Interactive bindshell over HTTP
http://blog.secu.dk/blog/Tunnels_in_a_hard_filtered_network/

[漏洞分析] 为何 shadowsocks 要弃用一次性验证 (OTA)
https://blessing.studio/why-do-shadowsocks-deprecate-ota/

[运维安全] 360：基于 AI 的网络运维
https://mp.weixin.qq.com/s/1toUOKq_80pyM8AmCNb8Ww

[运维安全] Red-Teaming-Toolkit: A collection of open source and commercial tools
https://github.com/infosecn1nja/Red-Teaming-Toolkit

[Web安全] PentesterLab新手教程（一）：代码注入
http://www.freebuf.com/sectool/168653.html

[取证分析] 构建高质量攻击指标的几条建议
https://mp.weixin.qq.com/s/ZRiSi3bb-SkMc_54mWPgmw

[恶意分析] 毕业设计之php RASP(二) 威胁判断
http://www.cnblogs.com/iamstudy/articles/php_code_rasp_2.html

[恶意分析] CVE-2017–11882 RTF
https://medium.com/@__fastcall/cve-2017-11882-rtf-44d671dc0fce

[编程技术] 巡风风险扫描系统的一些演变
http://www.freebuf.com/sectool/168977.html

[Web安全] 毕业设计之php RASP(三) 收尾
http://www.cnblogs.com/iamstudy/articles/php_code_rasp_3.html

[取证分析] 揭秘第三方跟踪器是如何利用Facebook登录页面跟踪用户的
http://www.4hou.com/technology/11208.html

[漏洞分析] Small mistakes lead to big problems
http://k3research.outerhaven.de/posts/small-mistakes-lead-to-big-problems.html

[取证分析] 使用Apache mod_rewrite实现http流量分发
https://mp.weixin.qq.com/s/SIFrdP-w3kvIhQGaAjhV-Q

[杂志] SecWiki周刊（第216期)
https://www.sec-wiki.com/weekly/216

[Web安全] JWT common pitfalls, attacks, and mitigations
https://auth0.com/blog/a-look-at-the-latest-draft-for-jwt-bcp/

[运维安全] 欧洲最严合规GDPR影响众多企业
https://mp.weixin.qq.com/s/nEMHu33qfO8GvDqStpVVuQ

[比赛] DDCTF 2018 逆向 baby_mips Writeup
https://blog.formsec.cn/2018/04/29/DDCTF-2018-%e9%80%86%e5%90%91-baby-mips-Writeup/

[取证分析] Integrating PRE-ATT&CK Techniques Into ATT&CK
https://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/integrating-pre-attck-techniques-into-attck

[Web安全] DomLink：一款自动化的域发现工具
http://www.freebuf.com/sectool/169734.html

[比赛] Reverse Engineering challenges
about:blank

[其它] 金融企业IT内控合规管理建设与实践
https://mp.weixin.qq.com/s/vxvZAfXRqYDVmdqEXJfUUA

[恶意分析] 解密混淆的PHP程序
https://blog.formsec.cn/2018/04/27/%e8%a7%a3%e5%af%86%e6%b7%b7%e6%b7%86%e7%9a%84PHP%e7%a8%8b%e5%ba%8f/

[Web安全] YY直播洗号产业链如何运作？戳进来看看！
https://bbs.ichunqiu.com/thread-39419-1-1.html?from=sec

-----微信ID：SecWiki-----
SecWiki，13年来一直专注安全技术资讯分析！
SecWiki：https://www.sec-wiki.com

本期原文地址: SecWiki周刊(第217期)

SecWiki周刊（第217期）

最新公告

友情链接

SecWiki公众号

安全学术圈