每日安全动态推送(11-29)

Tencent Security Xuanwu Lab Daily News

• 从JDK源码中探究Runtime#exec的限制 - FreeBuf网络安全行业门户:

   ・ 详解JDK的Runtime.getRuntime().exec(String)的原理：会先将输入字符串以"x20tnrf"进行split，之后再作为Process的argv进行命令执行。 – 

• Be Careful with Python's New-Style String Format:

   ・ Python的格式化字符串如果攻击者可控的话，可能会导致信息泄漏。 – 

• [Tools] Introduction to MITRE ATT&CK - Featuring Version 12 (2022):

   ・ MITRE ATT&CK Version 12 新特性 – 

• [Tools] An End to KASLR Bypasses?:

   ・ THREATINT_PROCESS_SYSCALL_USAGE：Windows 23H2 引入新的 ETW Event 缓解漏洞利用 – 

• [Pentest, Tools] Reverse TCP Sock5 Proxy:

   ・ Sock5 反向代理工具 – 

• [Browser] 2358 - Chrome: heap-use-after-free in blink::LocalFrameView::PerformLayout (incomplete fix for CVE-2022-3199) - project-zero:

   ・ Chrome浏览器Blink组件UAF漏洞（CVE-2022-3654）细节，由project-zero的glazunov发现，是由于CVE-2022-3199漏洞错误修复导致的补丁绕过。 – 

• obstack结构体:

   ・ 基于IO_FILE的高版本glibc利用链 – 

• [Tools] Future features:

   ・ 基于污点分析的静态分析被应用于堆漏洞检测 – 

• [Fuzzing, macOS] [Fuzzing with Jackalope] How to install jackalope and fuzz a simple program on MacOS:

   ・ 介绍了Jackalope的基本使用方法，对Damn Vulnerable C Program中的示例程序进行模糊测试  – 

• Koxic 勒索软件在韩国传播:

   ・ Koxic 勒索软件的相关行为分析 – 

• [Windows] GitHub - abusech/ThreatFox: Open IOC sharing platform:

   ・ ThreatFox：开源威胁情报共享平台 – 

• Hacking Smartwatches for Spear Phishing – Cybervelia | Cyber Security:

   ・ 攻击智能手表以使其显示自定义内容 – 

• [Web, Vulnerability] r/netsec - Exploiting an N-day vBulletin PHP Object Injection Vulnerability:

   ・ 利用vBulletin的一个N-day对象注入漏洞实现任意PHP代码执行。 – 

• [Pentest, Tools] OffSecOps: Using Jenkins For Red Team Tooling:

   ・ 用Jenkins来自动化构建红队工具 – 

• [IoT] When an N-Day turns into a 0day. (Part 1 of 2):

   ・ 基于patch对TP-Link一处未初始化访问漏洞的分析和利用，并发现仍存在其他受此漏洞影响的固件版本。 – 

• [Tools] Kubeeye - Tool To Find Various Problems On Kubernetes, Such As Application Misconfiguration, Unhealthy Cluster Components And Node Problems:

   ・ Kubeeye，一款Kubernetes漏洞检测工具，能够给出修复建议，支持客制化。 – 

* 查看或搜索历史推送内容请访问：

* 新浪微博账号：腾讯玄武实验室