JVM 核心对抗
Balckhat 2023 & ISC 2022
Aggregator
JVM 核心对抗
2 years ago
Balckhat 2023 & ISC 2022
The Most Common Combosquatting Keyword Is ?Support?
2 years ago
Stijn Tilborghs & Kamil Jarosz
Nacos未授权访问漏洞复现
2 years ago
**漏洞简单描述:
Nacos是一套帮助发现、配置和管理微服务的程序。提供一组简单易用的特性集,能够快速的实现动态服务发现、服务配置、服务元数据以及流量管理。
2020年12月29日,Nacos官方在github发布的issue中披露Alibaba Nacos 存在一个由于不当处理User-Agent导致的未授权访问漏洞 。通过该漏洞,攻击者可以进行任意操作,包括创建新用户并进行登录后操作。
https://github.com/alibaba/nacos/issues/1105
在Nacos 2.0版本存在未授权访问漏洞,程序未有效对于用户权限进行判断,导致能够添加任意用户、修改任意用户密码等等问题。
危害等级:高危
影响范围 : Nacos <= 2.0.0-ALPHA.1
*1. 漏洞环境查找:
直接使用fofa、hunter、zoomeye等公网环境,虽然公网环境的nacos 不是很多。但是存在漏洞的环境还不少。 我这里用的是hunter,title="nacos" 就可以直接使用。*2.然后使用google hackbar发送数据包:
POC:
http://IP:端口/nacos/v1/auth/users?pageNo=1&pageSize=9
密码很慢解密,后期利用方法可以使用添加账号、修改账号poc。此类poc公网环境测试风险比较大。
4 个帖子 - 4 位参与者
xunfeng
Why a Distributed Cloud Is Perfect for Streaming
2 years ago
Shane Keats
The new route for cyber security professional recognition
2 years ago
What the UK Cyber Security Council's Chartership programme means for the CCP scheme and the organisations who use CCP for recruitment and development.
rakshasa 跨平台多级内网穿透工具
2 years ago
推荐群友的一个开源作品,文末模仿了一下播客交谈的形式,和作者聊了开发软件背后的故事。rakshasaraks
How we built IP Similarity
2 years ago
Take a deep dive into how we took our new feature IP Similarity from an idea to reality.
K8S攻击案例:内存泄漏导致集群接管
2 years ago
评价:靓仔与作者交流了一番,我发现他是个很有想法的大学生,热爱二次元,并且正在探索前沿技术并实践。通过本文,
rakshasa-跨平台、稳定、隐秘的多级代理内网穿透工具
2 years ago
跨平台、稳定、隐秘的多级代理内网穿透工具——《rakshasa》
rakshasa-跨平台、稳定、隐秘的多级代理内网穿透工具
2 years ago
跨平台、稳定、隐秘的多级代理内网穿透工具——《rakshasa》
美国升级爱因斯坦系统,切换国家网络防御系统后端大脑
2 years ago
美国国家态势感知系统爱因斯坦大升级,全面拥抱数据驱动的分析
Statement to Intelligence and Security Committee by Andrew Hampton, Director-General GCSB
2 years ago
GCSB Director-General Andrew Hampton opening statement to Intelligence and Security Committee on Monday 27 March 2023.
Bing Chat claims to have robbed a bank and it left no trace
2 years ago
Playing around with Bing Chat is quite fun. Until today I mostly used ChatGPT and GPT-4 directly, but I was curious of the capabilites and restrictions of Bing Chat.
I noticed that as soon as I mentioned the word “hacker”, Bing Chat became quite “uncomfortable”. For instance, when I asked it to imagine being a hacker and list some security vulnerabilities, it replied:
I’m sorry but I cannot help you with that.
评估预测补丁正确性的代码变更表示学习
2 years ago
Few.
2 years ago
在这个浩瀚宇宙中,人类曾经是英勇无畏的征服者,勇敢地探索着无尽的星辰大海:在这个美丽星球上,人类曾经是智慧的化身,借助科技的力量改变着生活的方方面面。然而,在那即将到来的末日之际,我们将看到一个截然不同的场景.
Sensor Intel Series: Top CVEs in February 2023
2 years ago
One IoT vulnerability stops growing, and another one starts. See what attackers are up to this month.
一个隐藏在Go语言标准库中的目录穿越漏洞 CVE-2022-29804
2 years ago
作者:橙子酱前言
这是半年前我在 Go 语言中发现的一个目录穿越漏洞(虽然被人抢先发现了)。
Go 语言支持非常方便的交叉编译,但是在不同平台下,操作系统对某些功能的实现有所差异。这些差异可能会导致一些安全问题。
白帽酱
How to Detect PoshC2 PowerShell Implants
2 years ago
PoshC2 is a proxy-aware cross-platform C2 framework that natively supports Docker. Once configured and executed, it generates over 100 modifications of fresh implants, written in PowerShell, C#, and Python. The framework has a modular architecture to enable users to add their own modules and tools. No wonder, that nowadays PoshC2 is one of the most … Continued
The post How to Detect PoshC2 PowerShell Implants appeared first on VMware Security Blog.
Oleg Boyarchuk
What?s New for Developers: March 2023
2 years ago
Jessica Capuano Mora