Web Security
DNSBomb: a new pulsing DoS attack that exploits DNS queries and responses
https://lixiang521.com/publication/oakland24-2/
Authentication bypass due to sensitive data exposure in local storage
https://medium.com/@kritikasingh06/authentication-bypass-due-to-sensitive-data-exposure-in-local-storage-8a706c798800
Internal Network Penetration
Collection of password spraying resources
https://github.com/puzzlepeaches/awesome-password-spraying#password-generation
Overview of persistence techniques in AD domains
https://hadess.io/pwning-the-domain-persistence/
Automatically detecting SOCKS 4/4a/5 tunnels and tracking common SOCKS authentication
https://github.com/nzymedefense/nzyme/blob/master/tap/src/ethernet/detection/taggers/socks_tagger.rs
Endpoint Adversarial Techniques
Analysis of Windows 11 UAC bypass techniques observed in live threats
https://any.run/cybersecurity-blog/windows11-uac-bypass/
Windows scheduled task persistence and stealth techniques
https://www.securityblue.team/blog/posts/persistence-mechanisms-windows-scheduled-tasks
How the credential dumper LetMeowIn works, with detection recommendations
https://www.binarydefense.com/resources/blog/letmeowin-analysis-of-a-credential-dumper/
https://twitter.com/SBousseaden/status/1793691501530374374
frida-jit-unpacker: a tool for analyzing malicious .NET applications
https://github.com/imperva/frida-jit-unpacker/
Windows will gradually phase out VBScript support: timelines and next steps
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/vbscript-deprecation-timelines-and-next-steps/ba-p/4148301
https://www.elevenforum.com/t/vbscript-deprecation-in-windows-11-timelines-and-next-steps.25396/
Microsoft open-sources a sudo command component for Windows
https://github.com/microsoft/sudo
Vulnerabilities
CVE-2024-32002: Git RCE vulnerability triggered when pulling code
https://securemyorg.com/blogs/git-rce-cve-2024-32002/
VirtualBox 6.1.18 guest escape vulnerability: root cause disclosed
https://blog.pksecurity.io/2024/05/21/virtualbox_escape_2021.html
CVE-2024-22268: VMware Workstation SVGA heap-based buffer overflow RCE vulnerability
https://www.zerodayinitiative.com/advisories/ZDI-24-494/
CVE-2024-33899, CVE-2024-36052: ANSI escape injection vulnerability in WinRAR
https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983
CVE-2024-30037: Microsoft Windows CLFS integer underflow local privilege escalation vulnerability
https://www.zerodayinitiative.com/advisories/ZDI-24-495/
CVE-2024-4367: PoC and YARA rule for the PDF.js arbitrary JavaScript code execution vulnerability
https://github.com/LOURC0D3/CVE-2024-4367-PoC
https://github.com/spaceraccoon/detect-cve-2024-4367
CVE-2024-34710: Wiki.js vulnerability leaks user credentials
https://securityonline.info/cve-2024-34710-wiki-js-vulnerability-exposes-users-to-potential-account-takeover/
Critical vulnerability in the Netflix Genie job orchestration engine leads to RCE in big data applications
https://www.darkreading.com/application-security/netflix-fixes-critical-vulnerability-on-big-data-orchestration-service
https://github.com/Netflix/genie/security/advisories/GHSA-wpcv-5jgp-69f3
Attack surface analysis of the Chrome V8 engine heap sandbox
https://saelo.github.io/presentations/offensivecon_24_the_v8_heap_sandbox.pdf
Hunting Hyper-V vulnerabilities with JTAG debugging
https://www.youtube.com/live/9utI4qKCWH4
Cloud Security
How to achieve eternal persistence in an Active Directory environment
https://www.huntandhackett.com/blog/how-to-achieve-eternal-persistence
AI and Security
Agentic: an open-source LLM vulnerability scanner
https://github.com/msoedov/agentic_security
Microsoft's Copilot+ feature suspected of taking periodic screenshots with data exfiltration risk, and already enabled by default in Intune
https://www.bleepingcomputer.com/news/microsoft/microsofts-new-windows-11-recall-is-a-privacy-nightmare/
https://twitter.com/GossiTheDog/status/1793240127789052332
https://twitter.com/GossiTheDog/status/1792864134893129752
Introduction to indirect prompt injection, jailbreaks, data extraction risks, and mitigations
https://build.microsoft.com/en-US/sessions/d29a16d5-f9ea-4f5b-9adf-fae0bd688ff3?source=sessions
Exploiting XXE in web browsers with ChatGPT
https://swarm.ptsecurity.com/xxe-chrome-safari-chatgpt/
Azure OpenAI Service series: gaining insights by collecting log data
https://journeyofthegeek.com/2024/05/17/azure-openai-service-the-value-of-response-headers-and-log-correlation
Social Engineering and Phishing
HTML phishing page disguised as a PDF reader login screen
https://www.forcepoint.com/blog/x-labs/html-phishing-pdf-viewer-login-apac
Guide to collecting leaked credentials
https://medium.com/@cyberpro151/unlocked-secrets-how-leaked-credentials-fuel-bug-bounties-fe5032caf5f4
LeakSearch: collecting and parsing leaked passwords
https://github.com/JoelGMSec/LeakSearch
Other
How Apple's Wi-Fi positioning system can be abused to track people worldwide
https://www.theregister.com/2024/05/23/apple_wifi_positioning_system
Red team implant development with offensive IoT devices
https://www.blackhillsinfosec.com/offensive-iot-for-red-team-implants-part-1
Originally published on the WeChat public account M01N Team: Weekly Blue Team Technology Digest (2024.5.18-5.24)