【知识】6月15日 - 每日安全知识热点

热点概要：root打印机：从厂商的安全公告到远程代码执行分析、使用Flare、Elastic Stack、IDS检测恶意软件通信的“信标”、通过跟踪事件日志检测横向移动、初识 Fuzzing 工具 WinAFL、蝴蝶效应与程序错误—一个渣洞的利用、Microsoft Windows Server中的WINS Server远程内存损坏漏洞分析、Linux sudo漏洞（CVE-2017-1000367）复现和利用思路分析

资讯类：

---

美政府：警惕朝“隐匿眼镜蛇”国家黑客组织

http://thehackernews.com/2017/06/north-korea-hacking-malware.html

技术类：

---

root打印机：从厂商的安全公告到远程代码执行分析

https://www.tenable.com/blog/rooting-a-printer-from-security-bulletin-to-remote-code-execution

看恶意耳机是如何攻击Nexus 9

https://alephsecurity.com/2017/06/13/nexus9-ephemeral-fiq/

服务器端请求伪造（SSRF）环境的搭建和利用

https://www.hackerone.com/blog-How-To-Server-Side-Request-Forgery-SSRF

使用Flare、Elastic Stack、IDS检测恶意软件通信的“信标”

http://www.austintaylor.io/detect/beaconing/intrusion/detection/system/command/control/flare/elastic/stack/2017/06/10/detect-beaconing-with-flare-elasticsearch-and-intrusion-detection-systems/

绕过多种保护机制编译的Web服务器

http://arielkoren.com/blog/2017/06/14/fusion-level05-solution/

通过跟踪事件日志检测横向移动

https://www.jpcert.or.jp/english/pub/sr/20170612ac-ir_research_en.pdf

越狱ios禁止SSL Pinning抓App Store的包

http://pwn.dog/index.php/Web-Security/ios-disable-ssl-pinning.html

Linux sudo漏洞（CVE-2017-1000367）复现和利用思路分析

http://www.freebuf.com/articles/system/136975.html

Apache Commons Fileupload 1.3.1 DOS(CVE-2016-3092)

https://threathunter.org/topic/594139ee03027c9d712abeff

初识 Fuzzing 工具 WinAFL

http://paper.seebug.org/323/

php里的随机数

http://5alt.me/2017/06/php%E9%87%8C%E7%9A%84%E9%9A%8F%E6%9C%BA%E6%95%B0/

某P2P系统对象自动绑定漏洞可任意充值

https://threathunter.org/topic/593ff6bc9c58e020408a79d4

蝴蝶效应与程序错误—一个渣洞的利用

http://weibo.com/ttarticle/p/show?id=2309404118504042313519

自动化挖掘 windows 内核信息泄漏漏洞

http://www.iceswordlab.com/2017/06/14/Automatically-Discovering-Windows-Kernel-Information-Leak-Vulnerabilities_zh/

Nmap 7.50发布，新增15个脚本

http://seclists.org/nmap-announce/2017/3

MarkLogic 8.04 远程代码执行漏洞分析

https://osandamalith.com/2017/06/14/windows-kernel-exploitation-arbitrary-overwrite/

windows内核利用-任意覆盖

http://blog.talosintelligence.com/2017/06/lexmark-perceptive-vuln-deep-dive.html

Microsoft Windows Server中的WINS Server远程内存损坏漏洞分析

https://blog.fortinet.com/2017/06/14/wins-server-remote-memory-corruption-vulnerability-in-microsoft-windows-server

分析Android上的广告库Xavier的信息窃取行为

https://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-xavier-information-stealing-ad-library-android/

CVE-2017-8514：SharePoint的`Follow` 功能XSS

https://respectxss.blogspot.com.br/2017/06/a-look-at-cve-2017-8514-sharepoints.html

cve-2016-9651 exp和相关的paper

https://github.com/secmob/pwnfest2016/

CVE-2017-0138:Microsoft Edge ‘SparseArraySegment’内存损坏漏洞报告

http://www.security-assessment.com/files/documents/advisory/sparsearraysegment.pdf

CVE-2017-0130:Microsoft Internet Explorer ‘ToPrimitive’内存损坏漏洞报告

http://www.security-assessment.com/files/documents/advisory/toprimitive.pdf

PHP中的XXE攻击代码

https://gist.github.com/jobertabma/2900f749967f83b6d59b87b90c6b85ff