[Knowledge] March 17 - Daily Security Knowledge Highlights

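Highlights: Pass-the-Hash is Dead: Long Live LocalAccountTokenFilterPolicy; Hooking and patching Android apps with the Xposed framework; Attacking Android apps with FRIDA: solving a Crackme; Microsoft Windows – COM Session Moniker privilege escalation vulnerability; Attackers use Excel, PowerShell and DNS in the latest malware; Microsoft Edge 38.14393.0.0 JavaScript engine UAF vulnerability; Attacking RDP – how to eavesdrop on insecure RDP connections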

Domestic hot topics (the following is partly excerpted from http://www.solidot.org/):


Pwn2Own 2017 is in full swing

Iranian government cracks down on Telegram users

The United States accuses Russian security service agents of involvement in the Yahoo intrusion

News:


Attackers could use a single image to compromise the popular secure messaging apps WhatsApp and Telegram

http://securityaffairs.co/wordpress/57166/hacking/whatsapp-and-telegram-hack.html

Intel and Microsoft announce new bug bounty programs

https://threatpost.com/intel-microsoft-announce-new-bug-bounties/124354/

Technical:


Pass-the-Hash is Dead: Long Live LocalAccountTokenFilterPolicy

http://www.harmj0y.net/blog/redteaming/pass-the-hash-is-dead-long-live-localaccounttokenfilterpolicy/

Hunting for XSS vulnerabilities on PornHub

http://www.jonbottarini.com/2017/03/16/penetrating-pornhub-xss-vulns-galore-plus-a-cool-shirt/

Bypassing Windows 10 UAC using the Backup and Restore utility

https://www.bleepingcomputer.com/news/security/windows-10-uac-bypass-uses-backup-and-restore-utility/

Samsung leaks customer order information

https://medium.com/@AlmostWhiteHat/samsung-leaking-customer-information-9b7e2dcb006d

Hooking and patching Android apps with the Xposed framework

http://resources.infosecinstitute.com/android-hacking-and-security-part-25-hooking-and-patching-android-apps-using-xposed-framework/

Attacking Android apps with FRIDA: solving a Crackme

https://www.codemetrix.net/hacking-android-apps-with-frida-2/

WALNUT: Waging Doubt on the Integrity of MEMS Accelerometers with Acoustic Injection Attacks

https://spqr.eecs.umich.edu/papers/trippel-IEEE-oaklawn-walnut-2017.pdf

Windows DVD Maker XXE vulnerability

http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DVD-MAKER-XML-EXTERNAL-ENTITY-FILE-DISCLOSURE.txt

Microsoft Windows – COM Session Moniker privilege escalation vulnerability

https://bugs.chromium.org/p/project-zero/issues/detail?id=1021

Microsoft Edge 38.14393.0.0 JavaScript engine UAF vulnerability

https://bugs.chromium.org/p/project-zero/issues/detail?id=1043

Microsoft Windows – 'LoadUvsTable()' heap-based buffer overflow

http://blogs.flexerasoftware.com/secunia-research/2016/12/microsoft_windows_loaduvstable_heap_based_buffer_overflow_vulnerability.html

Learning .NET serialization

https://blog.scrt.ch/2016/05/12/net-serialiception/

Attacking RDP – how to eavesdrop on insecure RDP connections

https://www.exploit-db.com/docs/41621.pdf

Sn1per, an automated vulnerability scanning tool

https://github.com/1N3/Sn1per

CVE-2017-0065 PoC

https://github.com/Dankirk/cve-2017-0065

A case study of a JavaScriptCore vulnerability

http://www.mottoin.com/95838.html

Attackers use Excel, PowerShell and DNS in the latest malware

https://www.carbonblack.com/2017/03/15/attackers-leverage-excel-powershell-dns-latest-non-malware-attack/

CVE-2017-0012: Microsoft Edge / IE browser spoofing vulnerability

http://bobao.360.cn/learning/detail/3612.html

(End)