第十七周/20220124 红队推送

第十七周/20220124 红队推送
2022-1-24 17:52:43 Author: mp.weixin.qq.com(查看原文) 阅读量:2 收藏

【特别推荐】

云环境潜在威胁分析——AWS Lamda

https://sysdig.com/blog/exploit-mitigate-aws-lambdas-mitre/

Project Zero - Zoom安全性分析

https://googleprojectzero.blogspot.com/2022/01/zooming-in-on-zero-click-exploits.html

红队文章

大型JAVA项目审查工具编写思考

https://www.synacktiv.com/en/publications/captain-hook-how-not-to-look-for-vulnerabilities-in-java-applications.html

用OLETOOLS进行恶意宏分析

https://infosecwriteups.com/maldoc101-malicious-macros-analysis-with-oletools-8be3cda84544

JNDI漏洞利用探索

https://mp.weixin.qq.com/s/I-5S45gsVbi9O9oJNhO_FQ

干货 | 最全的Weblogic漏洞复现笔记

https://mp.weixin.qq.com/s/pb0GGzku4tYX6acYOrtOxQ

Linux痕迹清除

https://mp.weixin.qq.com/s/mz4Bb-vtk3wlHApYWHiyJA

Tomcat下JNDI高版本绕过浅析

https://mp.weixin.qq.com/s/gBuKDjRfnbJDv6TG5F6q3w

远程开启3389及添加用户总结

https://mp.weixin.qq.com/s/LqJLjrKWzfqOWK8CE5JuJA

红队工具

StopDefender

https://github.com/lab52io/StopDefender

pip-audit：审计本地Python环境

https://github.com/trailofbits/pip-audit

Yasso：内网辅助渗透测试工具

https://securityonline.info/yasso-intranet-assisted-penetration-toolset/

Volana：Shell命令混淆工具

https://github.com/ariary/volana

reFlutter：应用逆向分析

https://github.com/ptswarm/reFlutter

漏洞研究

Worktime 10.20 Build 4967 Unquoted Service Path

https://cxsecurity.com/issue/WLB-2022010079

SB Admin Cross Site Request Forgery / SQL Injection

https://cxsecurity.com/issue/WLB-2022010081

Chaos Ransomware Builder 4 Insecure Permissions

https://cxsecurity.com/issue/WLB-2022010083

AgentTesla Builder Web Panel / SQL Injection

https://cxsecurity.com/issue/WLB-2022010085

Developed by : Muhammad Jamil - SQL Injection

https://cxsecurity.com/issue/WLB-2022010086

Win32.MarsStealer Web Panel / Unauthenticated Remote Data Deletion

https://cxsecurity.com/issue/WLB-2022010087

Win32.MarsStealer Web Panel / Unauthenticated Remote Information Disclosure

https://cxsecurity.com/issue/WLB-2022010088

Worktime 10.20 Build 4967 DLL Hijacking

https://cxsecurity.com/issue/WLB-2022010090

Nyron 1.0 SQL Injection

https://cxsecurity.com/issue/WLB-2022010091

Simple Chatbot Application 1.0 SQL Injection

https://cxsecurity.com/issue/WLB-2022010092

Simple Chatbot Application 1.0 Shell Upload

https://cxsecurity.com/issue/WLB-2022010093

Creston Web Interface 1.0.0.2159 Credential Disclosure

https://cxsecurity.com/issue/WLB-2022010094

SalonERP 3.0.1 sql SQL Injection (Authenticated)

https://cxsecurity.com/issue/WLB-2022010096

Landa Driving School Management System 2.0.1 Arbitrary File Upload

https://cxsecurity.com/issue/WLB-2022010097

WordPress PluginWP Visitor Statistics 4.7 SQL Injection

https://cxsecurity.com/issue/WLB-2022010098

Picaporte Design- Sql Injection Vulnerability

https://cxsecurity.com/issue/WLB-2022010099

Archeevo 5.0 Local File Inclusion

https://cxsecurity.com/issue/WLB-2022010100

更多互动可点击阅读原文

文章来源: https://mp.weixin.qq.com/s?__biz=MzIxMjI0Mzk0OQ==&mid=2247485227&idx=1&sn=8488af668c621f992c7cb0bfda624ef9&chksm=974843a9a03fcabfa1fd6ee30ce8d682d3b1657549bb207e277acd1131bc5a93d7044a52b8eb&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh