Tencent Security Xuanwu Lab Daily News
• [Tools] 0vercl0k/rp:
https://github.com/0vercl0k/rp
・ Researcher Axel Souchet has open-sourced a multi-platform ROP gadget search tool
– Jett
• [Windows] CVE-2022-21907:
https://github.com/antx-code/CVE-2022-21907
・ A PoC for the Windows HTTP protocol stack remote code execution vulnerability (CVE-2022-21907) has appeared on GitHub
– Jett
• Awesome Executable Packing:
https://github.com/dhondta/awesome-executable-packing
・ A curated collection of resources and tools related to executable packing
– Jett
• IPv6 Security & Capability Testing, Part 2:
https://theinternetprotocolblog.wordpress.com/2020/05/26/ipv6-security-capability-testing-part-2/
・ IPv6 Security & Capability Testing, Part 2
– Jett
• Analysis of the Apache HTTP Server mod_lua Module Buffer Overflow Vulnerability (CVE-2021-44790):
https://mp.weixin.qq.com/s/VjSpJW-1sYM1BwDPQZDqFA
・ Analysis of the buffer overflow vulnerability in the Apache HTTP Server mod_lua module (CVE-2021-44790)
– Jett
• Security Hardening: Use of eBPF by unprivileged users has been disabled by default | Support | SUSE:
https://www.suse.com/support/kb/doc/?id=000020545
・ SUSE distributions have decided to restrict eBPF use by ordinary users out of concern over eBPF vulnerabilities
– Jett
• [Tools] Capturing RDP NetNTLMv2 Hashes: Attack details and a Technical How-To Guide:
https://www.gosecure.net/blog/2022/01/17/capturing-rdp-netntlmv2-hashes-attack-details-and-a-technical-how-to-guide/
・ Capturing RDP NetNTLMv2 hashes from RDP traffic using the PyRDP tool
– Jett
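• The Discovery Process of an Imperfect Race-Condition JNDI Exploit Chain:
https://tttang.com/archive/1409/
・ The discovery process of an imperfect race-condition JNDI exploit chain.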
– lanying37
• Intro to Embedded RE Part 1: Tools and Series Overview:
https://voidstarsec.com/blog//2022/01/17/intro-to-embedded-part-1
・ The toolchain needed for reverse engineering embedded devices
– Jett
• StopDefender:
https://github.com/lab52io/StopDefender
・ Steals tokens from TrustedInstaller and winlogon to disable Windows Defender
– Jett
• Stealing administrative JWT’s through post auth SSRF (CVE-2021-22056):
https://blog.assetnote.io/2022/01/17/workspace-one-access-ssrf/
・ Using an SSRF vulnerability in VMWare Workspace One Access to leak an administrator-identity JWT
– Jett
• [Reverse Engineering, Tools] README.md:
https://github.com/ptswarm/reFlutter
・ reFlutter – a Flutter reverse engineering framework that assists in reversing apps built with the Flutter package
– Jett
* To view or search past daily pushes, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Push (01-18)