Aggregator

某公司比赛内网渗透测试记录

The cybercriminal group known as Scattered Spider has significantly evolved its attack methodologies, demonstrating alarming sophistication in exploiting legitimate administrative tools to maintain persistent access to compromised networks. Also tracked under aliases including UNC3944, Scatter Swine, and Muddled Libra, this financially motivated threat actor has been actively targeting large enterprises since May 2022, with particular […]

The post Scattered Spider Upgraded Their Tactics to Abuse Legitimate Tools to Evade Detection and Maintain Persistence appeared first on Cyber Security News.

简单的链子进入题目看到一段代码：<?phpclass A {public $cmd;function __destruct() {if (isset($this->cmd)) {system($this->cmd);}}}​if (isset($_GET['data'])) {$data = $_GET['data'];@unserialize($data);} else {hi

A vulnerability, which was classified as critical, was found in OpenJPEG up to 2.4.0. This affects the function opj_j2k_add_tlmarker in the library lib/openjp2/j2k.c. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-56827. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GNU grub2 and classified as critical. Affected by this issue is some unknown functionality of the component BFS Parser. The manipulation leads to integer overflow. This vulnerability is handled as CVE-2024-45778. Attacking locally is a requirement. There is no exploit available.

A vulnerability was found in GNU grub2. It has been classified as problematic. This affects an unknown part of the component BFS Parser. The manipulation leads to integer overflow. This vulnerability is uniquely identified as CVE-2024-45779. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability classified as critical has been found in Samba. Affected is an unknown function of the component LDAP Handler. The manipulation leads to improper authorization. This vulnerability is traded as CVE-2020-25720. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in 389-ds-base. It has been classified as problematic. Affected is an unknown function of the component Extended Search Request Handler. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-6237. Access to the local network is required for this attack. There is no exploit available.

A vulnerability classified as critical was found in Red Hat Ansible. This vulnerability affects unknown code of the component User Module. The manipulation leads to improper authorization. This vulnerability was named CVE-2024-9902. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GNU grub2. It has been declared as critical. This vulnerability affects unknown code of the component tar Handler. The manipulation leads to integer overflow. This vulnerability was named CVE-2024-45780. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in GNU grub2. It has been rated as critical. Affected by this issue is the function strcpy of the file fs/hfs.c of the component hfs. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2024-45782. The attack needs to be approached locally. There is no exploit available.

Глобальное отключение интернета способно кардинально изменить привычный уклад жизни. Узнайте, как заранее подготовиться, сохранить связь и доступ к важной информации в оффлайн-режиме.

在 Web 开发中，注入用户提供的 HTML 代码需求普遍存在，但这一过程伴随显著的安全风险，尤其需防范跨站脚本攻击（XSS）。尽管业界已有成熟的 XSS 过滤器（如 DOMPurify），但其配置不当或机制缺陷仍可能被利用。本文聚焦于命名空间混淆、MXSS（突变 XSS）、DOM Clobbering等前沿攻击技术，通过解析基础概念与实战案例，揭示两次 DOMPurify 绕过的核心原理，旨在帮

通过分析DataEase权限绕过与远程代码执行漏洞，学习docker远程调试、权限绕过及H2 JDBC命令执行漏洞。

最近团队小伙伴搭建邮件服务器总会出现各种坑各种问题，因为这个解决方案也有2-3年了，翻出以前的复现笔记又研究了一下，把要踩的坑都排咯，跟着这篇文章做就行。

文章详细分析了从0开始复现该漏洞

本文对土豆家族中几个关键的提权漏洞进行了学习与分析，学习之后思路更加清晰，许多原本模糊的概念也变得明朗起来。

nip.io静态DNS解析技术 URL校验绕过 CSA单点票据劫持

文章详细解析了 Apple 的实况照片（Live Photo）技术，包括其缓存视频帧、检测加速度触发保存、智能评分机制、防抖算法及多视频流封装等复杂处理流程，并展示了 Apple 在计算摄影领域的技术创新与细节追求。

审计一个适合java审计新手的项目studentmanager