每日安全资讯-2020.10.26

声明:本文所有内容仅用于学习和研究目的,且不能违反《网络安全法》、《刑法》等相关要求,尤其禁止传播,或用于非善良目的。您查看本文,即视为遵守以上约定,否则责任自负。

今日导读:三星S20-通过三星Galaxy应用商店的RCE、Windows内核提权漏洞CVE-2020-1034、Apache Solr 未授权上传(RCE)漏洞(CVE-2020-13957)的原理分析与验证、Pass-the-hash WiFi等。

【漏洞分析区】
1、Samsung S20 - RCE via Samsung Galaxy Store App
https://labs.f-secure.com/blog/samsung-s20-rce-via-samsung-galaxy-store-app/

2、CVE-2020-1034 | Windows Kernel Elevation of Privilege Vulnerability
https://blog.br0vvnn.io/pages/blogpost.aspx?id=2

3、DLL Hijacking in NVIDIA System Management Interface (SMI)(CVE-2020-5980)

4、Apache Solr 未授权上传(RCE)漏洞(CVE-2020-13957)的原理分析与验证
https://www.freebuf.com/articles/network/252193.html

【技术分享区】
5、Let’s talk macOS Authorization

6、Gacrux – a basic C malware with a custom PE loader
https://krabsonsecurity.com/2020/10/24/gacrux-a-basic-c-malware-with-a-custom-pe-loader/

7、Pass-the-hash WiFi
https://sensepost.com/blog/2020/pass-the-hash-wifi/

8、Lists of .NET Obfuscator (Free, Trial, Paid and Open Source )

9、SecWiki周刊(2020/10/19-2020/10/25)
https://www.sec-wiki.com/weekly/347

#工具#setsidmapping:Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.

#工具#wsb-detect enables you to detect if you are running in Windows Sandbox (“WSB”).