热点概要:音乐视频服务网站Vevo遭OurMine入侵,3.12TB数据被公布、ExpensiveWall:又一个影响420多万Google Play Store用户的Android恶意软件(含分析报告)、逆向英雄联盟客户端、BlueBorne安全威胁浅析、[exploit-db]D-Link DIR8xx Routers多个漏洞、RDP Pivoting with Metasploit
资讯类:
音乐视频服务网站Vevo遭OurMine入侵,3.12TB数据被公布
https://www.hackread.com/ourmine-hacks-video-leaks-data-online/
ExpensiveWall:又一个影响420多万Google Play Store用户的Android恶意软件,Google已移除50个包含恶意代码的app
http://thehackernews.com/2017/09/play-store-malware.html
VMware修复可允许Guest在Host上执行代码的bug
https://threatpost.com/vmware-patches-bug-that-allows-guest-to-execute-code-on-host/127990/
技术类
ExpensiveWall分析报告
https://research.checkpoint.com/expensivewall-dangerous-packed-malware-google-play-will-hit-wallet/
逆向英雄联盟客户端
https://nickcano.com/reversing-league-of-legends-client/
BlueBorne安全威胁浅析
https://duo.com/blog/an-analysis-of-blueborne-bluetooth-security-risks
通过Chrome DLL劫持藏在广告软件包中的盗密码后门
ARM exploitation for IoT (Part 2)
https://quequero.org/2017/09/arm-exploitation-iot-episode-2/
传送门 Part 1:
https://quequero.org/2017/07/arm-exploitation-iot-episode-1/
后渗透框架RemoteRecon
https://github.com/xorrior/RemoteRecon
Exploit toolkit for CVE-2017-8759——.NET Framework RCE
toolkit地址:https://github.com/bhdresh/CVE-2017-8759
视频教程:
.NET中绕过UAF
https://offsec.provadys.com/UAC-bypass-dotnet.html
.NET远程处理(Remoting)介绍for Hackers
https://parsiya.net/blog/2015-11-14-intro-to-.net-remoting-for-hackers/
RDP Pivoting with Metasploit
http://www.hackingarticles.in/rdp-pivoting-metasploit/
[exploit-db]D-Link DIR8xx Routers多个漏洞
本地固件上传:https://www.exploit-db.com/exploits/42731/
登录凭证泄露:https://www.exploit-db.com/exploits/42729/
ROOT权限远程代码执行:https://www.exploit-db.com/exploits/42730/
Debug Cisco ASA Tools
https://github.com/nccgroup/asatools
Wiegotcha: 远距离RFID信号窃取
https://github.com/lixmk/Wiegotcha/blob/master/README.md
检测Mimikatz及其他可疑LSASS访问