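Highlights: rooting a printer: from the vendor's security bulletin to remote code execution; detecting malware communication "beacons" with Flare, Elastic Stack, and IDS; detecting lateral movement by tracking event logs; a first look at the fuzzing tool WinAFL; the butterfly effect and program errors: exploiting a low-grade vulnerability; analysis of the WINS Server remote memory corruption vulnerability in Microsoft Windows Server; Linux sudo vulnerability (CVE-2017-1000367): reproduction and analysis of exploitation approaches
News:
US government: beware of the North Korean state hacking group "Hidden Cobra"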
http://thehackernews.com/2017/06/north-korea-hacking-malware.html
Technical:
Rooting a printer: from the vendor's security bulletin to remote code execution
https://www.tenable.com/blog/rooting-a-printer-from-security-bulletin-to-remote-code-execution
How malicious headphones attack the Nexus 9
https://alephsecurity.com/2017/06/13/nexus9-ephemeral-fiq/
Setting up and exploiting a server-side request forgery (SSRF) environment
https://www.hackerone.com/blog-How-To-Server-Side-Request-Forgery-SSRF
Detecting malware communication "beacons" with Flare, Elastic Stack, and IDS
Bypassing a web server compiled with multiple protection mechanisms
http://arielkoren.com/blog/2017/06/14/fusion-level05-solution/
Detecting lateral movement by tracking event logs
https://www.jpcert.or.jp/english/pub/sr/20170612ac-ir_research_en.pdf
Disabling SSL pinning on jailbroken iOS to capture App Store traffic
http://pwn.dog/index.php/Web-Security/ios-disable-ssl-pinning.html
Linux sudo vulnerability (CVE-2017-1000367): reproduction and analysis of exploitation approaches
http://www.freebuf.com/articles/system/136975.html
Apache Commons FileUpload 1.3.1 DoS (CVE-2016-3092)
https://threathunter.org/topic/594139ee03027c9d712abeff
A first look at the fuzzing tool WinAFL
Random numbers in PHP
http://5alt.me/2017/06/php%E9%87%8C%E7%9A%84%E9%9A%8F%E6%9C%BA%E6%95%B0/
Automatic object binding vulnerability in a P2P system allows arbitrary account top-ups
https://threathunter.org/topic/593ff6bc9c58e020408a79d4
The butterfly effect and program errors: exploiting a low-grade vulnerability
http://weibo.com/ttarticle/p/show?id=2309404118504042313519
Automated discovery of Windows kernel information leak vulnerabilities
Nmap 7.50 released, with 15 new scripts
http://seclists.org/nmap-announce/2017/3
Analysis of the MarkLogic 8.04 remote code execution vulnerability
https://osandamalith.com/2017/06/14/windows-kernel-exploitation-arbitrary-overwrite/
Windows kernel exploitation: arbitrary overwrite
http://blog.talosintelligence.com/2017/06/lexmark-perceptive-vuln-deep-dive.html
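Analysis of the WINS Server remote memory corruption vulnerability in Microsoft Windows Server
Analyzing the information-stealing behavior of the Android ad library Xavier
CVE-2017-8514: XSS in SharePoint's `Follow` feature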
https://respectxss.blogspot.com.br/2017/06/a-look-at-cve-2017-8514-sharepoints.html
CVE-2016-9651 exploit and related paper
https://github.com/secmob/pwnfest2016/
CVE-2017-0138: Microsoft Edge 'SparseArraySegment' memory corruption vulnerability report
http://www.security-assessment.com/files/documents/advisory/sparsearraysegment.pdf
CVE-2017-0130: Microsoft Internet Explorer 'ToPrimitive' memory corruption vulnerability report
http://www.security-assessment.com/files/documents/advisory/toprimitive.pdf
XXE attack code in PHP
https://gist.github.com/jobertabma/2900f749967f83b6d59b87b90c6b85ff