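Highlights: WSH injection case study; Metinfo 5.3.17 front-end SQL injection vulnerability analysis; Unlocking more techniques: mobile lock screen security research; Multiple vulnerabilities in Jenkins plugins; SHA2017 CTF partial writeup; Attack analysis and attribution report on the large drive-by download gang "Qinlang" (擒狼); List of 500,000 UK contacts on sale for just US$4.99
Domestic hot topics (the following is partly excerpted from http://www.solidot.org/ ):
Bitcoin breaks through US$3,400; Bitcoin Cash comes under attack
FBI worries about China obtaining US genomic data
News:
RHME3 (hardware CTF) registration is open, come and compete!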
https://rhme.riscure.com/3/news
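Firefox releases an updated statement on the data breach incident: the corporate network was not compromised
Dark web news:
Following the takeover and takedown of Hansa and AlphaBay, at least 12 vendor accounts on the dark web market Dream Market have now also been taken over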
https://www.deepdotweb.com/2017/08/07/dutch-police-taken-12-dream-accounts-likely/
List of 500,000 UK contacts on sale for just US$4.99
http://traderouteilbgzt.onion/?page=listing&lid=bjsN9VPF3xOFpSDO
Technical:
WSH injection case study
https://posts.specterops.io/wsh-injection-a-case-study-fd35f79d29dd
Electron hack: cross-platform XSS
https://mp.weixin.qq.com/s/DgjJ6uKtuUPFQhgztL69RQ
Abusing GDI Objects for ring0 Primitives Revolution
https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/
Metinfo 5.3.17 front-end SQL injection vulnerability analysis
https://www.leavesongs.com/PENETRATION/metinfo-5.3.17-sql-injection.html
New variants of Agent.BTZ/ComRAT
http://www.intezer.com/new-variants-of-agent-btz-comrat-found/
Unlocking more techniques: mobile lock screen security research
https://security.tencent.com/index.php/blog/msg/118
Week of Evading Microsoft ATA – Announcement and Day 1
http://www.labofapenetrationtester.com/2017/08/week-of-evading-microsoft-ata-day1.html
Shellcode: Windows API hashing with a block cipher (Maru Hash)
https://modexp.wordpress.com/2017/08/05/shellcode-maru-hash/
Attack analysis and attribution report on the large drive-by download gang "Qinlang" (擒狼)
http://bobao.360.cn/learning/detail/4215.html
Dridex AtomBombing in detail
http://reversingminds-blog.logdown.com/posts/2125985-dridex-atombombing-in-detail
Multiple vulnerabilities in Jenkins plugins
http://seclists.org/oss-sec/2017/q3/261
p0wnedShell-DarkVersion
https://github.com/3gstudent/p0wnedShell-DarkVersion
SHA2017 CTF partial writeup
https://p-te.fr/2017/08/06/shactf2017-d1d13r/