第七周/20211115红队推送

第七周/20211115红队推送
2021-11-15 21:23:5 Author: mp.weixin.qq.com(查看原文) 阅读量:0 收藏

基于区块链网络的匿名跨平台远控

https://github.com/Maka8ka/NGLite

浅谈JSP Webshell进阶免杀 - 跳跳糖

https://tttang.com/archive/1315/

TP-Link TL-WR840N EU v5 存在RCE（CVE-2021-41653）

https://k4m1ll0.com/cve-2021-41653.html

VMware vCenter Serve提取漏洞（CVE-2021-22048）

https://securityonline.info/cve-2021-22048-vmware-vcenter-server-privilege-escalation-vulnerability/

远程桌面连接客户端远程代码执行漏洞（CVE-2021-38666）

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38666

Microsoft Excel Security Feature Bypass（CVE-2021-42292）

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-42292

Microsoft Exchange Server远程代码执行漏洞（CVE-2021-42321）

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42321

Microsoft Azure Sphere Kernel GPIO_SET_PIN_CONFIG_IOCTL 信息泄露漏洞（CVE-2021-41374）

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1339

WordPress WP Reset PRO 插件版本<= 5.98 存在数据库重置漏洞（CVE-2021-36909）

https://securityaffairs.co/wordpress/124458/security/wp-reset-pro-wordpress-plugin-flaw.html?utm_source=feedly&utm_medium=rss&utm_campaign=wp-reset-pro-wordpress-plugin-flaw

资产管理系统ResourceSpace中的多个漏洞

https://www.horizon3.ai/multiple-vulnerabilities-in-resourcespace/

PAN-OS远程代码执行漏洞（CVE-2021-3064）

https://securityonline.info/cve-2021-3064-pan-os-pan-os-remote-code-execution-vulnerability/

Sitecore XP 远程命令执行漏洞（CVE-2021-42237）https://attackerkb.com/topics/g2wzJERRtL/cve-2021-42237/rapid7-analysis

TrojanSourceFinder v1.1.1：为你的源代码检测“Trojan Source”漏洞

https://securityonline.info/trojansourcefinder-detect-trojan-source-vulnerability-in-source-code/

哥斯拉JSP和java内存马全流量解密脚本

https://www.notion.so/0103sec/20211115-35bd208f872043799baded8507c63986#6e969846900d4dd09717b63a2cbc3f53

404星链计划-CDK:一款针对容器场景的多功能渗透工具

https://github.com/cdk-team/CDK/

一款GO写的支持http与socks5的端口复用小工具，可开启socks5代理。

https://github.com/TRYblog/multiplexing_port_socks5

重入滥用：一行代码绕过EDR检测

https://www.deepinstinct.com/blog/evading-antivirus-detection-with-inline-hooks

用MacOS漏洞分析水坑攻击

https://blog.google/threat-analysis-group/analyzing-watering-hole-campaign-using-macos-exploits/

JS代码中可隐藏不可见后门字符

https://www.bleepingcomputer.com/news/security/invisible-characters-could-be-hiding-backdoors-in-your-javascript-code/

使用编程标识符 (ProgID) 进行 UAC 绕过

https://v3ded.github.io/redteam/utilizing-programmatic-identifiers-progids-for-uac-bypasses

更多详情请查看原文

文章来源: https://mp.weixin.qq.com/s?__biz=MzIxMjI0Mzk0OQ==&mid=2247483737&idx=1&sn=0992a1fbf3fa373ea8172c09e5b35727&chksm=974845dba03fcccdb7d2228aa7f09ca6669da7fa63d1e36d8ee373006b733e5a48b6aa4b88ee&scene=58&subscene=0#rd
如有侵权请联系:admin#unsafe.sh