SecWiki Weekly (Issue 331)
2020/06/29-2020/07/05
Security Technology
SSRF on Zimbra Led to Dump All Credentials in Clear Text
https://medium.com/bugbountywriteup/story-of-a-2-5k-bounty-ssrf-on-zimbra-led-to-dump-all-credentials-in-clear-text-6fe826005ccc
A Different Take on "Reverse Shells": A Systematic Analysis
https://mp.weixin.qq.com/s/VAHriOf4HVUna3FxhKg_OA
Taking over Azure DevOps Accounts with 1 Click
https://blog.assetnote.io/2020/06/28/subdomain-takeover-to-account-takeover/?v=2
Common Tools and Basic Methods for Hardware Analysis
https://mp.weixin.qq.com/s/KFm870IFHGEHRnsek9d3lg
ZombieVPN, Breaking That Internet Security
https://0xsha.io/posts/zombievpn-breaking-that-internet-security
Pitfall Notes: DNS Beacon
https://xz.aliyun.com/t/7938
10 Years of Linux Security
https://grsecurity.net/10_years_of_linux_security.pdf
Red vs. Blue: Windows Intranet Penetration
https://mp.weixin.qq.com/s/OGiDm3IHBP3_g0AOIHGCKA
CTF Practical Training Camp: Real Practice Challenges
https://zhuanlan.zhihu.com/p/148384035
BIG IP CVE-2020-5902 Vulnerability Detection and Exploitation
https://bacde.me/post/big-ip-cve-2020-5902-check-poc/
Android App Source code Extraction and Bypassing Root and SSL Pinning checks
https://vj0shii.info/android-app-testing-initial-steps/
Learning Oracle Injection (Final Edition)
https://mp.weixin.qq.com/s/BvZ0niXtofDMjzUpHxjKig
Some Tips from Real-World Attack-Defense Exercises
https://www.freebuf.com/articles/es/240003.html
Global Advanced Persistent Threat (APT) 2020 Mid-Year Report
https://ti.qianxin.com/uploads/2020/06/29/e4663b4f11f01e5ec8a1a5d91a71dc72.pdf
Docker Security and Attack Surface Analysis
https://mp.weixin.qq.com/s/BaeIGrBimww8SUtePDQ0jA
leonidas: Automated Attack Simulation in the Cloud
https://github.com/FSecureLABS/leonidas
Summary of File Download Methods on Windows/Linux
https://xz.aliyun.com/t/7937
DDG's New Journey: Building a Hybrid P2P Network with a Self-Developed P2P Protocol
https://www.anquanke.com/post/id/209351
Penetration Testing Experience: Broadening SQL Injection Approaches
https://xz.aliyun.com/t/7919
Applying Graph Convolutional Neural Networks to Enterprise-Side Network Security Operations
https://mp.weixin.qq.com/s/d6fpwQlNBUlBba3spJu3wA
CVE-2020-1948 Apache Dubbo Hessian Deserialization Vulnerability Analysis
https://www.anquanke.com/post/id/209251
A Brief Summary of Linux Privilege Escalation
https://xz.aliyun.com/t/7924
Dubbo 2.7.7 Deserialization Vulnerability Bypass Analysis
https://paper.seebug.org/1263/
Exploiting an Envoy heap vulnerability
https://blog.envoyproxy.io/exploiting-an-envoy-heap-vulnerability-96173d41792
A Brief Discussion of SMS Verification Code Vulnerabilities
https://xz.aliyun.com/t/7926
FDEU-CVE-2019-10222
https://full-disclosure.eu/reports/2019/FDEU-CVE-2019-10222-telia-savitarna-backdoor.html
Breaking Windows KASLR by Leaking KVA Shadow Mappings
https://labs.bluefrostsecurity.de/blog/2020/06/30/meltdown-reloaded-breaking-windows-kaslr/
Hacking All The Cars - CAN Bus Reverse Engineering
https://www.anquanke.com/post/id/209141
Apple Lightning
https://nyansatan.github.io/lightning/
Netgear R6700v3 LAN RCE write-up and exploit
https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2019/tokyo_drift/tokyo_drift.md
Automating DLL Hijack Discovery
https://posts.specterops.io/automating-dll-hijack-discovery-81c4295904b0
Some DOS bugs while processing Microsoft LNK files
https://ezqelusia.blogspot.com/2020/06/some-dos-bugs-while-processing.html
Laravel 5.7 Deserialization Vulnerability (CVE-2019-9081 + 2020 Fifth Space Challenge Write-up)
http://zeroyu.xyz/2020/06/28/Laravel-5-7%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%E6%BC%8F%E6%B4%9E-CVE-2019-9081-2020%E7%AC%AC%E4%BA%94%E7%A9%BA%E9%97%B4%E9%A2%98%E8%A7%A3/
Detecting Uses of Uninitialized Variables with Differential Replay
https://mp.weixin.qq.com/s/CjNaxF3Z465u30ugvbDt1w
A Brief Discussion of NLP Techniques in Threat Intelligence
https://paper.seebug.org/1256/
Detect lateral movement with Azure Sentinel
https://zolder.io/2020/07/01/using-a-firewall-and-sentinel-to-detect-lateral-movement/?a=q
TuxGuitar - stealing local files (XXE)
https://logicaltrust.net/blog/2020/06/tuxguitar.html
Hunting for anomalous sessions in your data with Azure Sentinel
https://techcommunity.microsoft.com/t5/azure-sentinel/hunting-for-anomalous-sessions-in-your-data-with-azure-sentinel/ba-p/1492490
SecWiki Weekly (Issue 330)
https://www.sec-wiki.com/weekly/330
SecWiki has focused on security technology news analysis for 13 years!
SecWiki: https://www.sec-wiki.com
Original address of this issue: SecWiki Weekly (Issue 331)
