Tencent Security Xuanwu Lab Daily News
• [Tools] Reversing The EVM: Raw Calldata:
https://degatchi.com/articles/reading-raw-evm-calldata
・ EVM中calldata编码与解码
– keenan
• How to get a heart attack while using JEB decompiler:
https://blog.stmcyber.com/how-to-get-a-heart-attack-while-using-jeb-decompiler/
・ JEB在逆向时会在沙箱中执行目标程序的代码,但在Java 18中不使用指定flag则沙箱不会被开启,此时代码会直接在环境中执行,给JEB使用者带来风险。
– keenan
• [Tools] 100 Red Team Projects for Pentesters and Network Managers:
https://github.com/kurogai/100-redteam-projects
・ 100 Red Team Projects for Pentesters and Network Managers
– lanying37
• [Malware] Cybercriminals Bypass ChatGPT Restrictions to Generate Malicious Content:
https://blog.checkpoint.com/2023/02/07/cybercriminals-bypass-chatgpt-restrictions-to-generate-malicious-content/
・ 通过直接调用text-davinci-003可以绕过chatgpt content filtering。不过严格意义上来说text-davinci-003和chatgpt并不是同一个模型
– Atum
• [Tools] A Different Payload for CVE-2022-47966:
https://vulncheck.com/blog/cve-2022-47966-payload
・ Apache xmlsec 相关软件远程代码执行漏洞(CVE-2022-47966)的另外一种payload,可以绕过一些公开的漏洞利用检测。
– P4nda
• GitLab GitHub Repo Import Deserialization Remote Code Execution:
https://packetstormsecurity.com/files/171008
・ 一个gitlab导入github repo的反序列化漏洞的exp
– Atum
• [PDF] https://martinschwarzl.at/media/files/thesis_main.pdf:
https://martinschwarzl.at/media/files/thesis_main.pdf
・ 远程侧信道攻击与防御
– keenan
* 查看或搜索历史推送内容请访问:
https://sec.today
* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab
原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(2-16)
