Weekly Red Team (蓝军) Technology Digest (2023.5.20-5.26)
2023-5-26 18:02:46 Author: M01N Team

Web Security

chromecookiestealer: stealing/injecting Chrome cookies through the DevTools protocol (--remote-debugging-port)

https://github.com/magisterquis/chromecookiestealer

The evolution of covert communication: from domain fronting to PaaS redirectors

https://www.bc-security.org/the-evolution-of-covert-communication-from-domain-fronting-to-paas-redirectors/

Bypassing IIS authorization via three RCEs and two auth bypasses in Sitecore 9.3

https://blog.assetnote.io/2023/05/10/sitecore-round-two/

CVE-2023-2825: a rare GitLab path traversal vulnerability

https://rce.moe/2023/05/25/Gitlab-CVE-2023-2825/

The art of attacking and defending centralized infrastructure: Exchange in real-world engagements

https://mp.weixin.qq.com/s/2yL9RbOdX8DY8rHwYKci5w

Internal Network Penetration

CypherDog: interacting with BloodHound data through the Neo4j HTTP API

https://github.com/SadProcessor/CypherDog

ADCSKiller: automated discovery and exploitation of ADCS vulnerabilities

https://github.com/grimlockx/ADCSKiller

ssh-key-backdoor: planting a backdoor in an SSH public key

https://blog.thc.org/infecting-ssh-public-keys-with-backdoors

https://github.com/hackerschoice/ssh-key-backdoor

Endpoint Evasion

Chimera: automated DLL sideloading tool with EDR evasion capabilities

https://github.com/georgesotiriadis/Chimera

Malleable (extensible) Cobalt Strike C2 profiles for evading in-memory YARA scans

https://www.cobaltstrike.com/blog/cobalt-strike-and-yara-can-i-have-your-signature/

HiddenDesktop: CS BOF tool for interacting with a remote desktop session without the user's knowledge

https://github.com/WKL-Sec/HiddenDesktop

PPLFaultDumpBOF: CS BOF tool for credential dumping via PPLFault

https://github.com/trustedsec/PPLFaultDumpBOF

Vulnerabilities

CVE-2022-42475: analysis of the heap overflow vulnerability in FortiGate and FortiProxy devices

https://bishopfox.com/blog/exploit-cve-2022-42475

CVE-2023-28771: unauthenticated command injection vulnerability in Zyxel network devices

https://attackerkb.com/topics/N3i8dxpFKS/cve-2023-28771/rapid7-analysis

CVE-2023-32784: KeePass 2.X cleartext master password recoverable from memory dump files

https://github.com/vdohney/keepass-password-dumper

CVE-2023-1586: arbitrary file write vulnerability in Avast

https://the-deniss.github.io/posts/avast-privileged-arbitrary-file-create-on-restore/

Other

Postmaniac: Postman OSINT tool that extracts credentials, tokens, usernames, email addresses and more from Postman Public Workspaces

https://github.com/boringthegod/postmaniac

Dynamic device code phishing

https://www.blackhillsinfosec.com/dynamic-device-code-phishing/

InterPlanetary File System: a decentralized place to host phishing content

https://www.netskope.com/blog/interplanetary-file-system-a-decentralized-place-to-host-phishing-content

RootedCON 2023: A tale of software protection: better combining cryptography and obfuscation

https://github.com/arnaugamez/talks/tree/main/2023/01_rootedcon

Hypervisor: a collection of resources on virtualization security technology

https://github.com/AtonceInventions/Hypervisor



Source: http://mp.weixin.qq.com/s?__biz=MzkyMTI0NjA3OA==&mid=2247491455&idx=1&sn=547ef48057deac1e23afa359bb20aa69&chksm=c187df6ef6f056781416ffe6700e67e7f39b7deac1ee6a289d35f2fdfe79ce8c185f95683fd3#rd