每日安全动态推送(2-13)

Tencent Security Xuanwu Lab Daily News

• [Windows] 2369 – Windows Kernel use-after-free due to dangling registry link node under paged pool memory pressure – project-zero:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2369

   ・ windows kernel中注册表相关的一个UAF漏洞，当内存压力过大导致内存分配失败，负责释放注册表子键对象的函数可能直接返回，从而导致内存释放失败，造成UAF – xmzyshypnc

• Fortra GoAnywhere MFT Unsafe Deserialization Remote Code Execution:
https://packetstormsecurity.com/files/170940

   ・ CVE-2023-0669 的 EXP – keenan

• Black Hat Asia 2023 | Briefings Schedule:
https://bit.ly/3llEsBk

   ・ 部分公开的Black Hat Asia 2023的议题题目 – xmzyshypnc

• [Reverse Engineering] Go to Shell Reverse Engineering Kernel Modifications with QEMU gdb:
https://github.com/batteryshark/writeups/wiki/Go-to-Shell—Reverse-Engineering-Kernel-Modifications-with-QEMU-gdb

   ・ 利用 QEMU + GDB 帮助魔改，逆向和理解嵌入式系统内核 – ThomasonZhao

• [Tools] ⚙️ Usage:
https://github.com/Cyber-Buddy/APKHunt

   ・ 一个基于OWASP MASVS (Mobile Application Security Verification Standard) 的安卓应用安全检测工具。 – Atum

• [Tools] Defeating VMProtect’s Latest Tricks:
https://cyber.wtf/2023/02/09/defeating-vmprotects-latest-tricks/

   ・ 绕过 VMProtect 最新反调试的方法 – keenan

• [Linux, Tools] Analysing Linux Kernel Commits:
https://sam4k.com/analysing-linux-kernel-commits/

   ・ 在Linux Kernel项目中根据git commits记录自动化找到其中包含的静默修复的安全漏洞 – P4nda

• [Malware, Android] Technical analysis of Godfather android malware:
https://muha2xmad.github.io/malware-analysis/godfather/

   ・ 对安卓端恶意程序 Godfather 的详细分析，包括运行环境检测、设备信息收集、利用呼叫转移绕过双因素认证等。 – keenan

• [Tools] GitHub – BKreisel/CVE-2022-23935: ? Python Exploit for CVE-2022-23935:
https://github.com/BKreisel/CVE-2022-23935

   ・ CVE-2022-23935 的 Python Exp 。漏洞源自于 ExifTool ，一款开源软件，用于读取、写入和操作图像、音频、视频和 PDF 元数据，该漏洞错误地处理了 file 参数的检查，导致命令注入。 – ThomasonZhao

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab

原文始发于微信公众号（腾讯玄武实验室）：每日安全动态推送(2-13)