每日安全动态推送(2-3)

Tencent Security Xuanwu Lab Daily News

• Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover:
https://www.darkreading.com/ics-ot/command-injection-bug-cisco-industrial-gear-devices-complete-takeover

   ・ Cisco系列产品中出现高危漏洞。CVE-2023-20076：远程命令注入，需要身份认证；CSCwc67015：任意文件写，可导致代码执行。 – keenan

• Unlocking the Secrets of LSA:
https://infosecwriteups.com/unlocking-the-secrets-of-lsa-5bd29d5c6927?source=rss—-7b722bfd1b8d—4

   ・ 红队入门级介绍，利用 Crackmapexec 和 mimikatz 绕过 LSA 进行Windows 域渗透，建议和文中提到的“上一篇博客”一起阅读 – ThomasonZhao

• CVE-2023-22374: F5 BIG-IP Format String Vulnerability:
https://blog.rapid7.com/2023/02/01/cve-2023-22374-f5-big-ip-format-string-vulnerability/

   ・ F5 BIG-IP的blind format string漏洞，可导致服务崩溃甚至RCE – xmzyshypnc

• CVE-2021-21551:
https://github.com/nanabingies/CVE-2021-21551

   ・ Dell dbutil_2_3.sys 驱动提权漏洞的exp – keenan

• Froxlor v2.0.6 Remote Command Execution (CVE-2023-0315):
https://shells.systems/froxlor-v2-0-6-remote-command-execution-cve-2023-0315/

   ・ Froxlor v2.0.6 RCE漏洞 (CVE-2023-0315) – crazyman

• [Windows] Mimikatz与Bypass Credential Guard的记录 – 先知社区:
https://xz.aliyun.com/t/12097

   ・ Mimikatz Bypass Credential Guard的记录 – ThomasonZhao

• [Tools] Taking the next step: OSS-Fuzz in 2023:
https://security.googleblog.com/2023/02/taking-next-step-oss-fuzz-in-2023.html?m=1

   ・ OSS-Fuzz后续研究计划，将从提升贡献者奖金、增加更多语言Fuzz支持、FuzzIntrospector支持等方面进行改进。 – P4nda

• [CTF] Firebird Internal CTF 2023 Writeup:
https://mystiz.hk/posts/2023/2023-01-30-firebird-internal-ctf/

   ・ Firebird Internal CTF 2023 Writeup – crazyman

• 一、JDBC简介:
https://tttang.com/archive/1877/

   ・ MYSQL JDBC反序列化攻击介绍 – WireFish

• iptables 在 Android 抓包中的妙用:
https://mp.weixin.qq.com/s/P0ESUUXBmq2aQnrqDHsDaw

   ・ 使用ipatables命令对Android应用抓包分析。 – P4nda

• Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility:
https://thehackernews.com/2023/02/researchers-uncover-new-bugs-in-popular.html

   ・ 网络安全研究人员披露了开源 ImageMagick 中两个安全漏洞的细节，这些漏洞可能导致拒绝服务（DoS）和信息泄露。 – ThomasonZhao

• [Virtualization, Tools] CloudGPT – Use ChatGPT to analyze AWS policies for vulnerabilities:
https://gist.github.com/ustayready/c29e9f9dca0a0b8170fbdfec11afc349

   ・ 使用ChatGPT分析AWS policy发现漏洞的案例。 – Atum

• CVE-2023-23924: Critical-Severity RCE Flaw Found in Popular Dompdf Library:
https://securityonline.info/cve-2023-23924-critical-severity-rce-flaw-found-in-popular-dompdf-library/

   ・ Dompdf的URI验证可通过字母大写进行绕过，导致漏洞产生 – keenan

• [Web] WordPress Vulnerability & Patch Roundup January 2023:
https://sucur.it/3JxrIl4

   ・ WordPress漏洞整理 – keenan

• Security Advisory: Remote Command Execution in binwalk:
https://onekey.com/blog/security-advisory-remote-command-execution-in-binwalk/

   ・ binwalk存在一个路径穿越导致的任意文件写漏洞，可以导致RCE – Atum

• [Tools] Alcatraz: x64 binary obfuscator:
https://securityonline.info/alcatraz-x64-binary-obfuscator/

   ・ 一款X64二进制混淆工具，介绍了一些二进制混淆的方法和原理 – ArisXu

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(2-3)