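Highlights: Struts2 vulnerability affects multiple Cisco products; Samsung launches bug bounty program with rewards of up to $200,000; [IoT] BlueBorne attack: attackers can take over Android devices via Bluetooth alone, with no user interaction; Could curl have a backdoor?; How to build a GSM base station; ARM exploitation for IoT; Penetration testing tools cheat sheet
News:
Struts2 vulnerability affects multiple Cisco products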
http://thehackernews.com/2017/09/apache-struts-flaws-cisco.html
[hackernews] Samsung launches bug bounty program with rewards of up to $200,000
http://thehackernews.com/2017/09/samsung-bug-bounty-program.html
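Technical:
[IoT] BlueBorne attack: attackers can take over Android devices via Bluetooth alone, with no user interaction (affects mainstream mobile, desktop and IoT operating systems and any device that uses Bluetooth). A BlueBorne attack lets an attacker take full control of a device and spread malware through infected devices.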
https://threatpost.com/wireless-blueborne-attacks-target-billions-of-bluetooth-devices/127921/
Video demo: https://www.bilibili.com/video/av14413847/
[exploit-db] tcprewrite Heap-Based Buffer Overflow
https://www.exploit-db.com/exploits/42652/
[exploit-db] PHP Dashboards NEW 4.4 – SQL Injection
https://www.exploit-db.com/exploits/42654/
[exploit-db] PHP Dashboards NEW 4.4 – Arbitrary File Read
https://www.exploit-db.com/exploits/42653/
Windows Event Forwarding for Network Defense
https://medium.com/@palantir/windows-event-forwarding-for-network-defense-cb208d5ff86f
Windows’ PsSetLoadImageNotifyRoutine Callbacks: the Good, the Bad and the Unclear (Part 2)
Malware Analysis – Triaging Java JAR Files (video analysis)
https://www.bilibili.com/video/av14414854/
Could curl have a backdoor?
https://daniel.haxx.se/blog/2017/09/12/the-backdoor-threat/
ARM exploitation for IoT – part 2
https://quequero.org/2017/09/arm-exploitation-iot-episode-2/
Link to part 1: https://quequero.org/2017/07/arm-exploitation-iot-episode-1/
Penetration testing tools cheat sheet
https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
Windows kernel pool spraying fun – Part 2 – More objects
http://theevilbit.blogspot.jp/2017/09/windows-kernel-pool-spraying-fun-part-2.html
How to hide your browser 0-days in an encrypted ninja fashion!
https://github.com/Mrgeffitas/Ironsquirrel
How to build a GSM base station
https://n0where.net/build-gsm-base-station/
exploitations of Uninitialized Uses on macOS Sierra
https://www.usenix.org/system/files/conference/woot17/woot17-paper-xu.pdf