CTF导航 CTF导航

每日安全动态推送(1-22)

渗透技巧 10个月前 admin
46 0 0
Tencent Security Xuanwu Lab Daily News

• Added ommited set of Uncore MSRs (their descriptors are available … · chip-red-pill/uCodeDisasm@ffc9070:
https://github.com/chip-red-pill/uCodeDisasm/commit/ffc9070233a6e7a26dbabe723289259f087ee20b

   ・ 深入讨论了CPU架构的细节,介绍了如何访问低级CPU安全特性,对于低级系统分析和Fuzz测试具有重要意义。  – SecTodayBot


• How to Install TrollStore using TrollMisaka (Full Guide):
https://idevicecentral.com/ios-guide/how-to-install-trollstore-using-trollmisaka-full-guide/

   ・ iOS存在一个新的漏洞CoreTrust bug,使得TrollStore 2能够在iOS 16.0 – 17.0上安装未经授权的应用程序。文章介绍了TrollMisaka工具的使用方法,该工具可以绕过应用程序安装限制,安装具有增强功能的未经授权应用程序。  – SecTodayBot


• oss-security – GNU coreutils v9.4; v9.3; v9.2 split heap buffer overflow vulnerability:
https://www.openwall.com/lists/oss-security/2024/01/18/2

   ・ GNU coreutils ‘split’ program存在堆缓冲区溢出漏洞,文章披露了漏洞细节和根本原因分析,并提供了触发崩溃和利用漏洞的POC文件。  – SecTodayBot


• How I passed the Intigriti 0124 Challenge:
https://bit.ly/48R3N9E

   ・ 该文章主要介绍了作者如何通过DOM Clobbering和Prototype Pollution等技术成功绕过Intigriti 0124 XSS挑战。文章详细分析了漏洞的根本原因,并提供了利用漏洞所需的Exploit和POC – SecTodayBot


• Delta Electronics Delta Industrial Automation DOPSoft DPS File wLogTitlesPrevValueLen Buffer Overflow Remote Code Execution:
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-wlogtitlesprevvaluelen-buffer-overflow-remote-code-execution/

   ・ 该文章披露了Delta Electronics Delta Industrial Automation DOPSoft中存在的堆栈缓冲区溢出漏洞,攻击者可以利用该漏洞实现远程代码执行 – SecTodayBot


• .NET 反序列化小工具应用分析:
https://paper.seebug.org/3106/

   ・ 详细分析了与.NET反序列化漏洞相关的问题 – SecTodayBot


• Rotating credentials for GitHub.com and new GHES patches:
https://github.blog/2024-01-16-rotating-credentials-for-github-com-and-new-ghes-patches/

   ・ GitHub与Ekoparty合作,披露了一起生产容器环境变量漏洞的新漏洞,以及相关的修复和凭证轮换过程。  – SecTodayBot


• TensorFlow Supply Chain Compromise via Self-Hosted Runner Attack:
https://www.praetorian.com/blog/tensorflow-supply-chain-compromise-via-self-hosted-runner-attack/

   ・ 介绍了围绕TensorFlow开源框架的新漏洞披露,包括对漏洞根本原因的详细分析和潜在的攻击手法。作者还介绍了一个名为Gato的开源工具,用于GitHub Actions管道枚举和攻击。 – SecTodayBot


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(1-22)

版权声明:admin 发表于 2024年1月22日 下午2:41。
转载请注明:每日安全动态推送(1-22) | CTF导航

相关文章

Finding A RCE Gadget Chain In WordPress Core
admin
162
红队视角下的公有云基础组件安全(二)
admin
767
漏洞复现 佑友防火墙 后台命令执行漏洞
admin
456
每周蓝军技术推送(2021.12.18-12.24)
admin
972
GoAnywhere MFT反序列化漏洞(CVE-2023-0669)利用工具
admin
788
sqlps.exe白名单的利用(过S60!)
admin
886

相关文章

Boolean-based SQL Injection in ZoneMinder v1.37.* <= 1.37.64
0
Open-Source Intelligence Summit 2024议题慢递
0
NTLM Relaying – Making the Old New Again
0
每日安全动态推送(24/11/4)
0
wuzhicms<=4.1.0后台RCE(0day)
0
每周蓝军技术推送(2024.10.26-11.1)
0
Apache Solr漏洞CVE-2024-45216分析
0
某小型cms漏洞复现审计
0
Distributed RPC Framework RemoteModule has Deserialization RCE in pytorch/pytorch(CVE-2024-48063)
0
JWT(JSON Web Token) 攻击面小结
0