Weekly Blue Team (蓝军) Technical Digest (2024.12.7-12.13)
2024-12-13 10:01:00 Author: mp.weixin.qq.com

Internal Network Penetration

DCOMUploadExec: a file-delivery lateral movement tool built entirely on DCOM

https://github.com/deepinstinct/DCOMUploadExec

https://www.deepinstinct.com/blog/forget-psexec-dcom-upload-execute-backdoor

EPA enabled by default to mitigate the risk of NTLM relay attacks

https://msrc.microsoft.com/blog/2024/12/mitigating-ntlm-relay-attacks-by-default/

Endpoint Evasion

snapinject_rs: a Rust process injection tool based on SnapLoader

https://github.com/Teach2Breach/snapinject_rs

LexiCrypt: a shellcode encryption tool using a substitution cipher with a randomly generated key

https://github.com/tehstoni/LexiCrypt

c_syscalls: a single-stub direct and indirect syscall implementation for Windows

https://github.com/C5Hackr/c_syscalls

NativeBypassCredGuard: bypassing Credential Guard with NTAPI functions by patching WDigest.dll

https://ricardojoserf.github.io/nativebypasscredguard/

https://github.com/ricardojoserf/NativeBypassCredGuard

Analysis of the official Cobalt Strike post-exploitation (postex) kit

https://rastamouse.me/cobalt-strike-postex-kit/

Rusty-Telephone: a covert channel for exfiltrating data from remote desktop sessions via audio output

https://github.com/referefref/Rusty-Telephone

Vulnerabilities

CVE-2024-41713: analysis of the Mitel MiCollab authentication bypass and arbitrary file read vulnerability

https://github.com/watchtowrlabs/Mitel-MiCollab-Auth-Bypass_CVE-2024-41713

Discovering and exploiting a deserialization vulnerability in LINQPad

https://trustedsec.com/blog/discovering-a-deserialization-vulnerability-in-linqpad

Cloud Security

How AWS Lambda misconfigurations lead to lateral movement

https://www.sentinelone.com/blog/lateral-movement-in-aws-lambda-environments/

AWS re:Invent 2024 security talk videos

https://www.youtube.com/playlist?list=PLdq8VB0hSfcYjWMBLrItQTNSbhXZ-jElD

CLI attack playbook for exploiting public AWS resources

https://hackingthe.cloud/aws/exploitation/Misconfigured_Resource-Based_Policies/exploting_public_resources_attack_playbook/

terraform-provider-statefile-rce: PoC for remote code execution through a Terraform provider

https://github.com/offensive-actions/terraform-provider-statefile-rce

Abusing domain-specific languages (DSLs) in OPA and Terraform for credential theft and code execution

https://www.tenable.com/blog/the-dark-side-of-domain-specific-languages-uncovering-new-attack-techniques-in-opa-and

AI and Security

Analysis of the impact of agentic AI on cybersecurity

https://www.resilientcyber.io/p/agentic-ais-intersection-with-cybersecurity

Using AI to improve the vulnerability-finding effectiveness of fuzzing

https://security.googleblog.com/2024/11/leveling-up-fuzzing-finding-more.html

Other

CRXaminer: analyzing Chrome extensions for security issues

https://github.com/markkcc/crxaminer

evilaltiris: extracting Account Connectivity Credentials from the Symantec Management Agent

https://github.com/mdsecactivebreach/evilaltiris

https://www.mdsec.co.uk/2024/12/extracting-account-connectivity-credentials-accs-from-symantec-management-agent-aka-altiris/

Attacking the OpenWrt supply chain with a SHA-256 collision and command injection

https://flatt.tech/research/posts/compromising-openwrt-supply-chain-sha256-collision/

M01N Team WeChat official account

Focused on hot topics in advanced offensive and defensive confrontation

NSFOCUS (绿盟科技) Blue Team technical research squad


Source: https://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247493931&idx=1&sn=08436546bb7c42e99c23d59a9cac93cf&chksm=c184293af6f3a02c2d5dea6153c2609b0d82f31b3b2810bffe1e4c48d1dabee0722f3b8fb201&scene=58&subscene=0#rd