Daily Security News - 2020.7.9

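Statement: All content in this article is for learning and research purposes only and must not violate the requirements of the Cybersecurity Law, the Criminal Law and other relevant regulations; in particular, distributing it or using it for malicious purposes is prohibited. By viewing this article you are deemed to accept the above terms; otherwise you bear the responsibility yourself.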

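Today's highlights: IE11 UaF vulnerability analysis; analysis of multiple Citrix vulnerabilities; Android MX Player: path traversal to RCE; From deserialization to type confusion: an ecshop exploitation case; Apache Shiro authorization bypass vulnerability analysis; Android's special attack surface (Part 3): the hidden call function; PHP 7.4+ disable_functions bypass using FFI; Windows process injection (EM_GETHANDLE, WM_PASTE, EM_SETWORDBREAKPROC); and more.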

【Vulnerability Analysis】
1. An exploitation case study of CVE-2020-1062, a use-after-free vulnerability in IE11
https://www.accenture.com/us-en/blogs/cyber-defense/exploitation-case-study-cve-2020-1062-vulnerability-in-ie11

2. Adventures in Citrix security research
https://dmaasland.github.io/posts/citrix.html

3. Remote Code Execution in Citrix ADC (CVE-2019-19781)

4. Android MX Player — Path Traversal to Code Execution (CVE-2020-5764)

5. From deserialization to type confusion: an ecshop exploitation case
https://paper.seebug.org/1267/

6. Apache Shiro authorization bypass vulnerability analysis (CVE-2020-11989)
https://xz.aliyun.com/t/7964

【Technical Sharing】
7. Android's special attack surface (Part 3): the hidden call function

8. PHP 7.4+ disable_functions Bypass using FFI

9. Windows Process Injection: EM_GETHANDLE, WM_PASTE and EM_SETWORDBREAKPROC

10. Fuzzing the Windows API for AV Evasion
https://winternl.com/fuzzing-the-windows-api-for-av-evasion/

11. Restricting SMB-based lateral movement in a Windows environment

12. LoRaWAN 1.0, vulnerabilities and backward compatibility in version 1.1

13. Threat Group Cards: A Threat Actor Encyclopedia-Over 100 threat groups/APT’s have been added to this revised version

#Tools# dll-hijack-by-proxying: Exploiting DLL Hijacking by DLL Proxying Super Easily

#Tools# Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.