Aggregator

Post-Exploitation: Abusing Chrome's debugging feature to observe and control browsing sessions remotely

Embrace The Red
5 years ago
Chrome’s remote debugging feature enables malware post-exploitation to gain access to cookies. Root privileges are not required. This is a pretty well-known and commonly used adversarial technique - at least since 2018 when Cookie Crimes was released. However, remote debugging also allows observing user activities and sensitive personal information (aka spying on users) and controlling the browser from a remote computer. Below screenshot shows a simulated attacker controlling the victim’s browser and navigating to chrome://settings to inspect information:

Java ASM3学习(2) - tr1ple

tr1ple(Wfzsec)
5 years ago
1.编译后的方法区,其中存储的代码都是一些字节码指令 2.Java虚拟机执行模型: java代码是在一个线程内部执行,每个线程都有自己的执行栈,栈由帧组成,每个帧表示一个方法的调用,每调用一个方法,都将将新的帧压入执行栈,方法返回时(不管是整成return还是异常返回),该方法对应的帧都将出栈,即按
tr1ple

Brazil Targeted by Phishing Scam Harnessing COVID-19 Fears

The Akamai Blog
5 years ago
Researchers at Akamai have identified a new phishing campaign targeting users in Brazil who are worried about their finances during the COVID-19 epidemic. Over two weeks, we identified that the three-question quiz campaign successfully targeted more than 850,000 victims, scamming them out of personal information, and in some cases, convincing them to install Adware on their computer.
Or Katz

从更深层面看Shiro Padding Oracle漏洞

小陈的Life
5 years ago
Apache Shiro是一个强大且易用的Java安全框架,执行身份验证、授权、密码和会话管理。使用Shiro的易于理解的API,您可以快速、轻松地获得任何应用程序,从最小的移动应用程序到最大的网络和企业应用程序

临时处理OCSP域名无法访问的问题

Holmesian Blog
5 years ago
之前的文章有提到过OCSP,现在本站用的 SSL 证书换成了 Let's Encrypt ,近期由于众所周知的原因,国内无法直接访问 Let's Encrypt 的 OSCP 域名,导致出现了不...
Holmesian

Java Instrumentation插桩技术学习 - tr1ple

tr1ple(Wfzsec)
5 years ago
Instrumentation基础 openrasp中用到了Instrumentation技术,它的最大作用,就是类的动态改变和操作。 使用Instrumentation实际上也可以可以开发一个代理来监视jvm的上运行的程序,可以动态的替换类的定义,就可以达到虚拟机级别的AOP实现,随时可以为应用增
tr1ple

Managed ad