5月12日每日安全热点 - Hypercalls 研究分析

2020-05-12 09:45:10 360安全客安全资讯 41063 4

漏洞 Vulnerability

CVE-2020-0674：Internet Explorer UAF 漏洞exp

https://github.com/maxpl0it/CVE-2020-0674-Exploit

CVE-2020-11932: WhatsApp Double-Free 漏洞exp

https://github.com/ProjectorBUg/CVE-2020-11932

恶意软件 Malware

分析利用D-Link NAS 或 NVR设备构建的IoT僵尸网络

https://www.forcepoint.com/blog/x-labs/botnets-nas-nvr-devices

针对一款朝鲜的字典软件进行逆向分析

https://digitalnk.com/blog/2020/05/08/porting-north-korean-dictionaries-with-rust/

Microsoft and Intel Labs 将恶意样本转化成图片用于探测和分类

https://www.zdnet.com/article/microsoft-and-intel-project-converts-malware-into-images-before-analyzing-it/

安全研究 Security Research

Windows认证攻击 part 2 – kerberos

https://blog.redforce.io/windows-authentication-attacks-part-2-kerberos/

iOS沙箱逃逸0day分析，iOS 13.5 beta 3已修复

https://github.com/Siguza/psychicpaper

30个Windows 利用教程集合

https://fullpwnops.com/windows-exploitation-pathway.html

CVE-2018-8611： Windows KTM 漏洞利用 Part 3/5——触发条件竞争以及调试技巧

https://research.nccgroup.com/2020/05/11/cve-2018-8611-exploiting-windows-ktm-part-3-5-triggering-the-race-condition-and-debugging-tricks/

Hyper-V 研究搜集 (2006-2019)

https://github.com/gerhart01/Hyper-V-Internals/blob/master/HyperResearchesHistory.md

空指针-Base on windows Writeup — 最新版DZ3.4实战渗透

https://mp.weixin.qq.com/s/YfbWf_o_v7uP3XwlYgl_LA

Hypercalls 研究分析

https://foxhex0ne.blogspot.com/2020/05/hyper-v-0x1-hypercalls-part-1.html

安全工具 Security Tools

Shellcode Compiler：用于生成Windows 和 Linux平台的shellcode工具

https://github.com/NytroRST/ShellcodeCompiler

SkCodecFuzzer：P0开源的Android Skia Image fuzz工具

https://github.com/googleprojectzero/SkCodecFuzzer

SMB 登录暴力破解的PowerShel脚本

https://www.infosecmatter.com/minimalistic-smb-login-bruteforcer/

BadDNS：Rust 开发的使用公共 DNS 服务器进行多层子域名探测工具

https://github.com/joinsec/BadDNS

SharpC2：一款.NET C2 框架

https://rastamouse.me/2020/05/sharpc2/

drow：ELF文件patch 工具

https://github.com/zznop/drow

clipboardme：通过link 获取和注入clipboard 工具

https://github.com/thelinuxchoice/clipboardme

（完）