Weekly Blue Team (蓝军) Tech Digest (2024.6.1-6.7)

科技  2024-06-07 16:37  Beijing


Web Security


CVE-2024-4577: PHP CGI argument injection leading to remote code execution

https://securityonline.info/cve-2024-4577-critical-php-vulnerability-exposes-millions-of-servers-to-rce/

https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/
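As an added example (not code from the page, from PHP or from DEVCORE), the script below models the documented trigger: a percent-encoded soft hyphen (0xAD) in a query string that Apache hands to php-cgi as argv, which Windows Best-Fit mapping turns into an ASCII "-" on hosts running code pages 932/936/950. It runs that model over constructed Apache access-log lines to find requests that would have reached php-cgi as command-line options. The log lines, the LOG_RE pattern and the function names are assumptions made for this example.

```python
import re
from urllib.parse import unquote_to_bytes

# Apache combined log format; only the fields the check needs are captured.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]*)" (?P<status>\d{3})'
)

# Constructed sample: an exploitation attempt, a benign request, a source-disclosure probe.
SAMPLE_LOG = """\
203.0.113.5 - - [07/Jun/2024:10:15:32 +0000] "POST /php-cgi/php-cgi.exe?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 200 512 "-" "curl/8.6.0"
198.51.100.7 - - [07/Jun/2024:10:16:01 +0000] "GET /index.php?page=home HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.5 - - [07/Jun/2024:10:17:45 +0000] "GET /test.php?%ads+ HTTP/1.1" 200 9000 "-" "python-requests/2.31"
"""


def cgi_argv(query):
    """Model what php-cgi.exe receives on an affected Windows host.

    Per RFC 3875 section 4.4 the server turns a query string that contains no
    literal '=' into argv: split on '+', percent-decode each piece. On a Windows
    host whose ANSI code page is 932/936/950, Best-Fit mapping then turns the
    soft hyphen 0xAD into '-', which is what revives the old argument injection.
    Assumption: only the 0xAD -> '-' mapping is modelled here.
    """
    if "=" in query:
        return []  # argv mode is not used when a literal '=' is present
    return [unquote_to_bytes(piece).replace(b"\xad", b"-") for piece in query.split("+")]


def scan(lines):
    """Return one record per request whose modelled argv contains an option."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path, _, query = m["target"].partition("?")
        argv = cgi_argv(query)
        if not any(a.startswith(b"-") for a in argv):
            continue
        hits.append({
            "src": m["src"],
            "ts": m["ts"],
            "path": path,
            "argv": argv,
            # True when the option only exists after Best-Fit mapping, i.e. the
            # CVE-2024-4577 bypass rather than a plain CVE-2012-1823 style probe.
            "best_fit": b"\xad" in unquote_to_bytes(query),
        })
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG.splitlines()):
        print(hit["ts"], hit["src"], hit["path"], hit["argv"], "best_fit=%s" % hit["best_fit"])
```

DEVCORE's advisory recommends rejecting query strings that begin with %ad via mod_rewrite as an interim measure; this script is the retrospective counterpart for hosts that were exposed before upgrading to PHP 8.3.8, 8.2.20 or 8.1.29. Only argv-mode requests are scored, so ordinary `?key=value` traffic is never flagged.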


Internal Network Penetration


goLAPS: tool for retrieving LAPS credentials from the domain

https://github.com/felmoltor/goLAPS

Recovering a compromised ADCS platform from backup

https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/recover-an-adcs-platform-from-compromise/ba-p/4120889

VirtualGHOST: identifying virtual machines not registered in vCenter/ESXi

https://github.com/CrowdStrike/VirtualGHOST

Cadiclus: Linux privilege-escalation vulnerability identification script

https://github.com/tjnull/pentest-arsenal/tree/main/Cadiclus

smbclient-ng: Python-based SMB share access tool

https://github.com/p0dalirius/smbclient-ng

NetWrapper: NetExec wrapper with HTML report export

https://github.com/Edd13Mora/NetWrapper


Endpoint Evasion


RtlClone: process cloning with NtCreateUserProcess

https://github.com/rbmm/RtlClone

VerifierDll: injecting into and hooking a process via the Application Verifier DLL mechanism

https://github.com/zodiacon/VerifierDll

https://scorpiosoftware.net/2024/06/01/building-a-verifier-dll/

Detecting keyloggers through Windows API monitoring in Elastic Defend

https://www.elastic.co/security-labs/protecting-your-devices-from-information-theft-keylogger-protection

Rethinking EDR capability evaluation around operation chains

https://posts.specterops.io/to-infinity-and-beyond-feab2d8ff93c

Analysis of EDR telemetry capabilities on macOS and Linux

https://www.outflank.nl/blog/2024/06/03/edr-internals-macos-linux/


Vulnerabilities


Linux 5.10 kernel privilege escalation PoC (nft_validate_register_store integer overflow)

https://ssd-disclosure.com/ssd-advisory-linux-kernel-nft_validate_register_store-integer-overflow-privilege-escalation/

CVE-2024-27822: analysis of a macOS PackageKit privilege escalation

https://khronokernel.com/macos/2024/06/03/CVE-2024-27822.html

CVE-2023-4069: exploitation of the Chrome V8 compiler pipeline (Maglev)

https://www.matteomalvica.com/blog/2024/06/05/intro-v8-exploitation-maglev/

CVE-2023-6702: Chrome renderer RCE PoC

https://github.com/kaist-hacking/CVE-2023-6702

CVE-2024-29415: SSRF in the Node.js package node-ip, affecting tens of millions of dependent services

https://securityonline.info/cve-2024-29415-popular-node-js-package-node-ip-exposes-millions-to-potential-ssrf-attacks/#/
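The bug class behind this CVE is easier to see in code than in a headline. The following is an added Python example, not node-ip's source, contrasting a regex-per-range deny-list of the kind such libraries use (constructed here) with a fail-closed check that first requires canonical address text and only then asks the parsed address whether it is globally routable. The inputs 127.1, 012.1.2.3 and 000:0:0000::01 are among those the CVE-2024-29415 advisory lists as misclassified; 0x7f.0.0.1, 2130706433 and 100.64.0.1 are added here because the same parsing gap admits them once a resolver or HTTP client downstream accepts them.

```python
import ipaddress
import re

# Exactly four decimal octets, each 0-255, no leading zeros: "127.1", "012.1.2.3",
# "0x7f.0.0.1" and "2130706433" all fail this before any range logic runs.
_STRICT_V4 = re.compile(
    r"^(?:(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)\.){3}(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)$"
)

# Deny-list by string shape (constructed for this example; not node-ip's code).
# Anything that matches no pattern is treated as public, which is the flaw.
_LOOSE_PRIVATE = [
    re.compile(r"^(::f{4}:)?10\.\d{1,3}\.\d{1,3}\.\d{1,3}$", re.I),
    re.compile(r"^(::f{4}:)?172\.(1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3}$", re.I),
    re.compile(r"^(::f{4}:)?192\.168\.\d{1,3}\.\d{1,3}$", re.I),
    re.compile(r"^(::f{4}:)?127\.\d{1,3}\.\d{1,3}\.\d{1,3}$", re.I),
    re.compile(r"^(::f{4}:)?169\.254\.\d{1,3}\.\d{1,3}$", re.I),
    re.compile(r"^f[cd][0-9a-f]{2}:", re.I),
    re.compile(r"^fe80:", re.I),
    re.compile(r"^::1$"),
    re.compile(r"^::$"),
]


def loose_is_public(host):
    """Vulnerable shape: public unless some private-range regex happens to match."""
    return not any(p.match(host) for p in _LOOSE_PRIVATE)


def strict_is_public(host):
    """Hardened shape: reject non-canonical text, then judge the parsed value.

    Returns False (fail closed) for anything that is not a canonical address or
    is not globally routable, so an SSRF filter built on it denies by default.
    """
    try:
        if ":" in host:
            addr = ipaddress.IPv6Address(host)
            # ::ffff:a.b.c.d carries an IPv4 address; judge the inner address.
            if addr.ipv4_mapped is not None:
                addr = addr.ipv4_mapped
        elif _STRICT_V4.match(host):
            addr = ipaddress.IPv4Address(host)
        else:
            return False
    except ValueError:
        return False
    return addr.is_global


def compare(hosts):
    """Map each host to (loose verdict, strict verdict) for side-by-side review."""
    return {h: (loose_is_public(h), strict_is_public(h)) for h in hosts}


if __name__ == "__main__":
    samples = ["8.8.8.8", "127.1", "012.1.2.3", "000:0:0000::01", "::fFFf:127.0.0.1",
               "0x7f.0.0.1", "2130706433", "169.254.169.254", "100.64.0.1"]
    for host, (loose, strict) in compare(samples).items():
        print(f"{host:20} loose_public={loose!s:5} strict_public={strict!s:5}")
```

The design point is the direction of the decision: the loose check must enumerate every spelling of every non-public address to stay correct, while the strict check only has to recognise the one canonical spelling and delegates the range question to the parsed value. The same rule applies to the URL a server will eventually fetch: validate the address the resolver actually returns, not the string the caller supplied.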


Cloud Security


Amazon S3 misconfiguration attack surface analysis

https://blog.plerion.com/things-you-wish-you-didnt-need-to-know-about-s3/


AI and Security


How Microsoft does AI red teaming

https://build.microsoft.com/en-US/sessions/0106b5b1-d727-4240-bb2e-dea325cb8519

CS-Eval: an evaluation set for the cybersecurity capabilities of large language models

https://cs-eval.com/

Copilot+ Recall information-disclosure attack surface analysis and weaponized PoC

https://doublepulsar.com/recall-stealing-everything-youve-ever-typed-or-viewed-on-your-own-windows-pc-is-now-possible-da3e12e9465e

https://github.com/xaitax/TotalRecall

https://github.com/Pennyw0rth/NetExec/pull/335

Building an LLM-based AI agent from scratch

https://blog.openthreatresearch.com/rise-of-the-planet-of-the-agents/


Social Engineering and Phishing


Phishing lure generator that performs HTML smuggling through WASM

https://labs.jumpsec.com/wasm-smuggling-for-initial-access-and-w-a-l-k-tool-release/

https://github.com/JumpsecLabs/WALK_WebAssembly_Lure_Krafter


Other


Ansible playbook for automated Havoc C2 deployment on Linode

https://github.com/smokeme/ansible-havoc

Disclosure of a cache poisoning vulnerability in the npm registry that threatened the entire JavaScript ecosystem

https://www.landh.tech/blog/20240603-npm-cache-poisoning/

Mitigating location-exposure risk from Wi-Fi-based positioning systems

https://www.cs.umd.edu/~dml/papers/wifi-surveillance-sp24.pdf


M01N Team WeChat public account

Focused on hot topics in advanced attack and defense

NSFOCUS Blue Team Technical Research Squad

Official attack-defense discussion group: first-hand cybersecurity news and answers to attack-defense questions


Past issues

Weekly Blue Team Tech Digest (2024.5.25-5.31)

Weekly Blue Team Tech Digest (2024.5.18-5.24)

Weekly Blue Team Tech Digest (2024.5.11-5.17)

M01N Team
Research and combat as one, offense in service of defense, building the future of cybersecurity together!