每日安全动态推送(2-7)

Tencent Security Xuanwu Lab Daily News

• eSROP Attack: Leveraging Signal Handler to Implement Turing-Complete Attack Under CFI Defense:
https://link.springer.com/chapter/10.1007/978-3-031-25538-0_39

   ・ 一种新的SROP技术，图灵完备并且可以绕过CFI。 – Atum

• Automation using python in bug bounty’s (full practical explanation).:
https://sn0xsharma.medium.com/automation-using-python-in-bug-bountys-full-practical-explanation-e1e694c43f78

   ・ 介绍了一系列工具用来bug bountry自动化。内容比较初级。 – Atum

• Hacking into Toyota’s global supplier management network : netsec:
https://www.reddit.com/r/netsec/comments/10vb5qy/hacking_into_toyotas_global_supplier_management/

   ・ 攻入丰田GSPIMS系统的历程。该系统允许用户只通过email地址进行登陆，作者借此获得了系统管理员权限。 – keenan

• [Linux] [PUBLIC] Kernel Exploit Recipes Notebook:
https://docs.google.com/document/d/1a9uUAISBzw3ur1aLQqKc5JOQLaJYiOP5pe_B4xCT1KA/edit#heading=h.6141m9mqkmgh

   ・ kCTF VRP中收到的Linux内核漏洞信息及利用方式汇总文档。 – P4nda

• Apache SCXML Remote Code Execution:
https://pyn3rd.github.io/2023/02/06/Apache-SCXML-Remote-Code-Execution/

   ・ Apache SCXML中的SCXMLReader对象未对传入的XML文件URL进行检查导致RCE – keenan

• [Tools] The technology behind GitHub’s new code search:
https://github.blog/2023-02-06-the-technology-behind-githubs-new-code-search/

   ・ 介绍 github 新研发的代码搜索功能所使用的底层算法 – WireFish

• [Android] 2374 – project-zero – Project Zero – Monorail:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2374

   ・ 由于锁的错误使用导致的Android Binder UAF漏洞细节（CVE-2023-20928） – P4nda

• CVE-2022-44268 Arbitrary File Read PoC – PNG generator:
https://github.com/voidz0r/CVE-2022-44268

   ・ ImageMagick 任意文件读的POC。漏洞存在于PNG的generator中。 – Atum

• [Fuzzing] No-Fuzz: Efficient Anti-fuzzing Techniques:
https://link.springer.com/chapter/10.1007/978-3-031-25538-0_38

   ・ 反fuzz技术论文，防止应用程序被fuzz – WireFish

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(2-7)