Tencent Security Xuanwu Lab Daily News
• How to repair VxWorks system firmware for the ARM architecture?:
https://tttang.com/archive/1418/
・ How to repair VxWorks system firmware for the ARM architecture?
– lanying37
• Server-Side Template Injection (SSTI): analysis and summary:
https://tttang.com/archive/1412/
・ An analysis and summary of Server-Side Template Injection (SSTI).
– lanying37
• [Android] Smali the Parseltongue Language:
http://blog.quarkslab.com/smali-the-parseltongue-language.html
・ Modifying Smali code and repackaging an Android APK
– Jett
• [Browser] [PDF] https://saelo.github.io/presentations/offensivecon_22_attacking_javascript_engines.pdf:
https://saelo.github.io/presentations/offensivecon_22_attacking_javascript_engines.pdf
・ Attacking JavaScript Engines in 2022, from the OffensiveCon 2022 conference
– Jett
• CodeQL: advanced topics:
https://tttang.com/archive/1415/
・ Learning CodeQL: the advanced part.
– lanying37
• [Tools] Invisible Sandbox Evasion – Check Point Research:
https://research.checkpoint.com/2022/invisible-cuckoo-cape-sandbox-evasion
・ Evading sandbox detection by abusing Windows API hook functions that Cuckoo Sandbox handles improperly
– Jett
• SIM Hijacking:
https://sensepost.com/blog/2022/sim-hijacking/
・ Analysis and research on SIM card hijacking.
– lanying37
• infosec-presentations/OffensiveCon/2022/This are my principals.pdf:
https://github.com/tyranid/infosec-presentations/blob/master/OffensiveCon/2022/This%20are%20my%20principals.pdf
・ James Forshaw's OffensiveCon 2022 talk on his Kerberos Authentication Relaying research
– Jett
• [Pentest] Attacks on JSON Web Token (JWT):
https://infosecwriteups.com/attacks-on-json-web-token-jwt-278a49a1ad2e
・ A summary of attack methods against JSON Web Tokens (JWT).
– lanying37
• Learning V8 exploitation from scratch: CVE-2021-30517 (part 7):
http://paper.seebug.org/1826/
・ Learning V8 exploitation from scratch: CVE-2021-30517 (part 7)
– lanying37
• Exploring UNIX pipes for iOS kernel exploit primitives, and introducing kalloc_data_require:
https://tfp0labs.com/blog/unix-pipes-exploitation
・ Exploring UNIX pipes for iOS kernel exploit primitives, and introducing kalloc_data_require
– Jett
• Prelude to Java deserialization vulnerability research: Transformer, dynamic proxies and annotations:
http://terenceli.github.io/%E6%8A%80%E6%9C%AF/2022/01/30/java-dynamic-proxy-and-annotation
・ Prelude to Java deserialization vulnerability research: Transformer, dynamic proxies and annotations
– Jett
• A story of leaking uninitialized memory from Fastly:
https://medium.com/@emil.lerner/leaking-uninitialized-memory-from-fastly-83327bcbee1f
・ A story of leaking uninitialized memory from Fastly
– Jett
• [Fuzzing] [PDF] https://fuzzinglabs.com/wp-content/uploads/2022/02/Beaconfuzz_OffensiveCon2022_patrick_ventuzelo.pdf:
https://fuzzinglabs.com/wp-content/uploads/2022/02/Beaconfuzz_OffensiveCon2022_patrick_ventuzelo.pdf
・ BeaconFuzz: fuzzing the Ethereum 2.0 blockchain, from the OffensiveCon 2022 conference
– Jett
• CVE-2021-44142: Details on a Samba Code Execution Bug Demonstrated at Pwn2Own Austin:
https://www.thezdi.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
・ Analysis of the Samba heap out-of-bounds read/write RCE vulnerability (CVE-2021-44142) demonstrated at Pwn2Own Austin 2021
– Jett
* To view or search past digests, visit:
https://sec.today
* Sina Weibo account: Tencent Xuanwu Lab
https://weibo.com/xuanwulab
Originally published on the WeChat official account (Tencent Xuanwu Lab): Daily Security News Digest (02-08)