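Highlights: Tunnel Manager – From RCE to Docker Escape; a brief analysis of the vulnerabilities Foxit Reader declined to fix and of its Safe Reading Mode; vulnerability research on multiple routers; firmware exploitation with JEB, using DVRF (a vulnerable router target) as the example (Part 1); Awesome Security Gists; cryptocurrency investment platform Enigma hacked, more than $470,000 worth of Ethereum stolen
Domestic hot topics (the following is partly excerpted from http://www.solidot.org/ ):
Gentoo to remove its hardened kernel
News:
Cryptocurrency investment platform Enigma hacked, more than $470,000 worth of Ethereum stolen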
http://thehackernews.com/2017/08/enigma-cryptocurrency-hack.html
Technical:
Tunnel Manager – From RCE to Docker Escape
https://xianzhi.aliyun.com/forum/read/2009.html
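A tale about Foxit Reader – Safe Reading Mode and other vulnerabilities (a brief analysis of the vulnerabilities Foxit Reader recently declined to fix and of its Safe Reading Mode)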
http://insert-script.blogspot.co.at/2017/08/a-tale-about-foxit-reader-safe-reading.html
SOHO router attacks revisited (vulnerability research on multiple routers)
http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_054_Rueda_SOHORouter.pdf
Using SQLMAP to detect and exploit SQL injection (primer)
https://gbhackers.com/sqlmap-detecting-exploiting-sql-injection/
Analysis of a CrackMe challenge (sample download included)
https://secrary.com/CrackMe/AdvancedKeygenme/
Firmware exploitation with JEB, using DVRF (a vulnerable router target) as the example (Part 1)
https://www.pnfsoftware.com/blog/firmware-exploitation-with-jeb-part-1/
SLAE: custom RBIX shellcode encoder/decoder
https://www.rcesecurity.com/2015/01/slae-custom-rbix-shellcode-encoder-decoder/
Solving a Danish Defense Intelligence Puzzle (analysis of a CrackMe challenge)
https://safiire.github.io/blog/2017/08/19/solving-danish-defense-intelligence-puzzle/
An account of the consequences of an accidental attack mistake
http://blog.portswigger.net/2017/08/how-i-accidentally-framed-myself-for.html
The Art of Becoming TrustedInstaller
https://tyranidslair.blogspot.co.uk/2017/08/the-art-of-becoming-trustedinstaller.html
Using RIG EK to drop the Ramnit trojan
https://malwarebreakdown.com/2017/08/21/seamless-campaign-uses-rig-ek-to-drop-ramnit-trojan/
Analysis of the JS_POWMET fileless malware
Awesome Security Gists
https://github.com/Hack-with-Github/Awesome-Security-Gists/
Cryptocurrency miner uses WMI and EternalBlue to implement fileless malware