Daily Security News - 2020.7.21

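Disclaimer: All content in this article is for learning and research purposes only and must not violate the Cybersecurity Law, the Criminal Law, or other relevant requirements; in particular, dissemination or use for non-benign purposes is prohibited. By viewing this article you are deemed to have accepted the above terms; otherwise you bear the responsibility yourself.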

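Today's highlights: remote code execution against SharePoint Server abusing DataSet, writing an iOS kernel exploit from scratch, vulnerability hunting based on complex parent/child process relationships on macOS, and more.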

[Malware Section]
1. Updates on ThiefQuest, the Quickly-Evolving macOS Malware

[Vulnerability Analysis Section]
2. SharePoint and Pwn :: Remote Code Execution Against SharePoint Server Abusing DataSet (CVE-2020-1147)
https://srcincite.io/blog/2020/07/20/sharepoint-and-pwn-remote-code-execution-against-sharepoint-server-abusing-dataset.html

[Technical Sharing Section]
3. Writing an iOS Kernel Exploit from Scratch
https://secfault-security.com/blog/chain3.html

4. Fastjson: exceptional deserialization vulnerabilities

5. Low Level Process Hunting on macOS-understanding complex parent&child process relationships

6. How to automatically rewrite 700’000 lines of code to bypass most AV (Part II)
https://blog.scrt.ch/2020/07/15/engineering-antivirus-evasion-part-ii/

7. House of Io – Bypassing Safe-Linking and attacking Glibc’s tcache

8. Hacking the World with HTML

9. Evaluating the feasibility of enabling SMAP for the Windows kernel

10. Tricking the “Create snippet” feature into displaying the wrong filetype can lead to RCE on Slack users

#Tools# SqlClient: .NET mssql client for accessing database data through beacon