每周蓝军技术推送(2022.10.22-10.28)
2022-10-28 18:1:57 Author: M01N Team(查看原文) 阅读量:18 收藏

内网渗透

GetFGPP:获取AD域密码细粒度策略

https://github.com/n00py/GetFGPP

AD域横向移动和后渗透备忘录

https://medium.com/@kuwaitison/active-directory-lateral-movement-and-post-exploitation-cheat-sheet-3170982a7055

cypherhound:包含260多个用于BloodHound数据集neo4j密码

https://github.com/fin3ss3g0d/cypherhound

终端对抗

PatchThatAMSI:强制触发AmsiOpenSession中的条件跳转,以关闭AMSI扫描会话

https://github.com/D1rkMtr/PatchThatAMSI

SharpEfsPotato:使用EfsRpc从SeImpersonatePrivilege进行本地提权

https://github.com/bugch3ck/SharpEfsPotato

ScreenshotBOF:Cobalt Strike屏幕截图,使用WinAPI并且不执行fork&run

https://github.com/CodeXTF2/ScreenshotBOF

ASP.NET应用程序的IIS进程上下文中泄露令牌句柄分析

https://www.tarlogic.com/blog/token-handles-abuse-one-shell-to-handle-them-all/

使用AutodialDLL注册表子项进行持久化

https://www.mdsec.co.uk/2022/10/autodialdlling-your-way/

DragonCastle:结合AutodialDLL横向移动和SSP从LSASS进程中抓取NTLM哈希

https://github.com/mdsecactivebreach/DragonCastle

geacon_pro:基于Golang开发的CobaltStrike Beacon重构项目

https://github.com/H4de5-7/geacon_pro

使用 C 语言创建完全不可检测的有效负载 (FUD)

https://medium.com/@lsecqt/creating-fully-undetectable-payload-fud-with-c-46a734837d1c

https://www.youtube.com/watch?v=Pu06zYUdpGs

漏洞相关

Microsoft SharePoint Server身份认证后服务器端请求伪造漏洞

https://starlabs.sg/blog/2022/10-sharepoint-post-authenticated-ssrf-vulnerability/

CVE-2022-33647/CVE-2022-33679:Kerberos协议RC4加密模式下的已知密文攻击和密钥覆盖暴力破解攻击

https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html

CVE-2022-34718:Windows TCP/IP远程代码执行漏洞分析

https://medium.com/numen-cyber-labs/analysis-and-summary-of-tcp-ip-protocol-remote-code-execution-vulnerability-cve-2022-34718-8fcc28538acf

CVE-2022-38029:Windows ALPC UAF漏洞分析

http://www.whsgwl.net/images/NtosKrnl_ALPC_UAF_AlpcpMapLegacyPortView.pdf

云安全

AWS SDK错误应用导致程序使用危险的系统角色

https://blog.doyensec.com/2022/10/18/cloudsectidbit-dataimport.html

其他

绕过Mimecast URL和文件检查

https://www.netspi.com/blog/technical/social-engineering/bypassing-mimecast-email-defenses/

DEF CON 30会议视频发布

https://www.youtube.com/user/DEFCONConference/videos

2022攻击向量报告

https://warroom.rsmus.com/wp-content/uploads/2022/10/2022-Attack-Vectors-Report.pdf

Sigstore发布:签署、验证和保护软件的新技术

https://github.blog/2022-10-25-why-were-excited-about-the-sigstore-general-availability/

https://openssf.org/press-release/2022/10/25/sigstore-announces-general-availability-at-sigstorecon/

交互式C/C++动态解析命令行

https://github.com/hanoglu/TermiC

往期推荐

每周蓝军技术推送(2022.10.15-10.21)

每周蓝军技术推送(2022.10.1-10.14)

每周蓝军技术推送(2022.9.24-9.30)

M01N Team公众号

聚焦高级攻防对抗热点技术

绿盟科技蓝军技术研究战队

官方攻防交流群

网络安全一手资讯

攻防技术答疑解惑

扫码加好友即可拉群


文章来源: http://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247490012&idx=1&sn=1a47a91e1cfb523577bd6230e98cbd9c&chksm=c187d9cdf6f050dbadbf76a31a122df14d0967a6bda819ab7843e9c6e6a5b3c361f896d22adc#rd
如有侵权请联系:admin#unsafe.sh