Aggregator

利用合法服务逃避检测的C2框架集合

前言 针对全球主流TOP榜恶意软件家族进行实战分析，包含勒索病毒、远控木马、窃密木马、银行木马、APT攻击木马等。所有分析样本均为

相关的程序C2服务，如下所示：TelegramC2 Projects:https://github.com/3ct0s/disctopia-c2https://github.com/timebotdo

文章中涉及的漏洞均已修复，敏感信息均已做打码处理，文章仅做经验分享用途，切勿当真，未授权的攻击属于非法行为！0x01 加解密的意义相信大部分测试过app的好兄弟都被这个问题困扰过，app数据包部分字段

Name: x3CTF 2025 (feat. mvm) (an x3ctf event.)
Date: Jan. 24, 2025, 6 p.m. — 26 Jan. 2025, 18:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://x3c.tf/
Rating weight: 23.61
Event organizers: x3CTF

Name: TUCTF 2024 (an TU CTF event.)
Date: Jan. 24, 2025, 7 p.m. — 26 Jan. 2025, 19:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctfd.tuctf.com/
Rating weight: 28.60
Event organizers: ascii overflow

Name: HackDay 2025 - Qualifications (an HackDayCTF event.)
Date: Jan. 24, 2025, 8 p.m. — 26 Jan. 2025, 20:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://hackday.fr/
Rating weight: 19.90
Event organizers: HackDayCTF

Name: Codefest CTF 2025 (an Codefest CTF event.)
Date: Jan. 25, 2025, 12:30 p.m. — 27 Jan. 2025, 00:30 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://codefest-ctf.iitbhu.tech/
Rating weight: 23.98
Event organizers: Codefest

A vulnerability classified as critical was found in Chatelao PHP Address Book 8.2.5. Affected by this vulnerability is an unknown functionality of the component Address Book. The manipulation of the argument var leads to sql injection. This vulnerability is known as CVE-2013-0135. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Fiyo CMS 2.0.1.8. It has been declared as critical. Affected by this vulnerability is the function administrator of the file fiyo/dapur of the component Access Restriction. The manipulation of the argument view as part of Parameter leads to improper access controls. This vulnerability is known as CVE-2014-9148. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Oracle Database Server 11.2.0.4/12.1.0.2. Affected is an unknown function of the component DBMS_LDAP. The manipulation leads to cryptographic issues. This vulnerability is traded as CVE-2014-3566. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Oracle Sun Data Center InfiniBand Switch 36 up to 2.2.1. Affected by this issue is some unknown functionality. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-3566. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Oracle Sun Network QDR InfiniBand Gateway Switch up to 2.2.1. This affects an unknown part. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-3566. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in HP VAN SDN Controller. This vulnerability affects unknown code of the component SSLv3. The manipulation leads to cryptographic issues (POODLE). This vulnerability was named CVE-2014-3566. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Apple Xcode up to 6.4. Affected by this issue is some unknown functionality of the component IDE Xcode Server. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-3566. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Oracle Solaris Cluster 4.2. This affects an unknown part of the component GlassFish Server. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-3566. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle VM Server 3.1/3.2 on SPARC. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component MGMT XML interface. The manipulation leads to cryptographic issues. This vulnerability is known as CVE-2014-3566. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in xine 0.99.4. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component setuid Program. The manipulation of the argument line leads to denial of service. This vulnerability is known as CVE-2006-2230. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.