7620 matches found
IE 11 browser security vulnerability disclosed: local PC files can be stolen remotely-bug warning-the black bar safety net
Security experts recently found a new vulnerability in the IE 11 browser: in processing .MHT saved pages, it can allow a hacker to steal files on the PC. More importantly, the default application for the .MHT file format is the IE 11 browser, so even with Chrome as the default web browser o...
Grasping the window of opportunity: see how I obtained a Chrome 1-day vulnerability and exploited it-vulnerability warning-the black bar safety net
Overview: For Chrome, when a vulnerability is discovered, it is first fixed in the v8 source tree, and then a new stable version of Chrome is released; in the interval between the two, an attacker can develop a usable exploit for that particular vulnerability...
.NET advanced code audit (seventh lesson): NetDataContractSerializer deserialization vulnerability-vulnerability warning-the black bar safety net
NetDataContractSerializer and DataContractSerializer are used to serialize and deserialize data sent in Windows Communication Foundation (WCF) messages. There is an important difference between the two: NetDataContractSerializer includes the CLR, using CLR types to add additional...
.NET advanced code audit (sixth lesson): DataContractSerializer deserialization vulnerability-vulnerability warning-the black bar safety net
The DataContractSerializer class is used to serialize and deserialize data sent in Windows Communication Foundation (WCF) messages, serializing CLR data types into an XML stream; it is located in the namespace System.Runtime.Serialization and inherits from the System...
Early warning: multiple vulnerabilities in the April 2019 Microsoft patch day-vulnerability warning-the black bar safety net
0x00 Event background: On April 10, 2019, 360CERT observed that Microsoft had released its April security update on April 9. This security update covers Windows itself and multiple Windows core components (Windows, win32k, RECEIVE, CSRSS, MSXML, VSScript) code execution/privilege escalation...
SSJI: Node.js vulnerability audit series (part one)-vulnerability warning-the black bar safety net
Hello, I was in control of the security laboratory of the Whispering Wind. With the help of Node.js, JavaScript has turned into a server-side scripting language, and since it is a server-side scripting language, there may be some security issues. SSJI (server-side JavaScript injection) is a...
XSLeaks attack analysis-HTTP caching and cross-site leakage-vulnerability warning-the black bar safety net
0x1 The history of XSSearch: This attack can be dated back 10 years, i.e. to 2009, when a security researcher named Chris Evans described an attack on Yahoo: Chris used a malicious web site to search the site visitor's e-mail Inbox, and by constructing different keywords he mann...
Xiaomi phone's preinstalled Security Center app exposes users to threats-vulnerability warning-the black bar safety net
Smartphones generally come with pre-installed applications, some of which are very useful and some of which we never use. Because pre-installed apps have the permissions they require, once these pre-installed applications are insecure or contain vulnerabilities, they pose a potential threat to user privacy and security. Chec...
How to dig for RPC vulnerabilities, Part 2-the vulnerability warning-the black bar safety net
I. Foreword: In a previous article (translation), FortiGuard Labs shared how to use RPCView to find logic vulnerabilities in RPC servers; in the end, we found a potential problem in the Microsoft Universal Telemetry service. As you may remember, in the previous article we...
Confluence Server Remote Code Execution Vulnerability-vulnerability warning-the black bar safety net
Atlassian company for Confluence Server and Data Center products used in the widgetconnecter Assemblyversion Network Vine CRS/ARS products have full support for the vulnerability detection and verification; Network Vine users can log in directly to www.riskivy.com for verification. A. Scope of impact: Product Confluence Server...
Edge exploitation with no prior knowledge-vulnerability warning-the black bar safety net
Background: Since it was first held in 2007, the browser has always been the main event in the pwn2own contest. While watching the contest, I believe a lot of friends have been eager to try. But do you remember how many times you were full of confidence, only to put it on hold in the end? The article...
How to find and exploit deserialization vulnerabilities in .NET Remoting over HTTP-vulnerability warning-the black bar safety net
I. Overview: In a recent security assessment at NCC Group, I found a .NET v2.0 app that uses .NET Remoting to communicate with another server by sending SOAP requests over HTTP. After decompiling the application, I realized that the server has TypeFilterLevel set to Full, this is very...
Apache HTTP Server component privilege escalation vulnerability alert-a vulnerability alert-the black bar safety net
Recently, the Apache HTTP Server project officially released the Apache HTTP Server 2.4.39 update, which fixes a privilege escalation vulnerability numbered CVE-2019-0211, rated high risk. According to the Sangfor security team, the vulnerabilities impact severity, the...
Writing and testing a penetration module for the CVE-2019-9766 buffer overflow vulnerability-vulnerability warning-the black bar safety net
CVE-2019-9766 discloses a buffer overflow vulnerability in Free MP3 CD Ripper when converting files: a stack-based buffer overflow in Free MP3 CD Ripper 2.6 allows user-assisted remote attackers to execute arbitrary code via a specially crafted .mp3 file. This article describes in...
Explore the PHP Mkdir function-vulnerability warning-the black bar safety net
I. Cause: While reproducing and analyzing the Wordpress-5.0.0 RCE, in the process of writing the image, a directory is created according to the image's dirname and the image is then written according to its basename. With the directory successfully created, the premise should be...
TP-Link SR20 router 0 day vulnerability-a vulnerability warning-the black bar safety net
Google security developer Matthew Garrett found that the TP-Link SR20 smart home router has a 0-day arbitrary code execution vulnerability; an attacker on the same network can exploit the vulnerability to execute arbitrary commands with root access. Garrett said public vulnerability is due from him to th...
Apache Struts OGNL injection vulnerability principle with an example-vulnerability warning-the black bar safety net
In this article, we mainly learn how OGNL injection is achieved in Apache Struts. Our examples cover two critical vulnerabilities in Struts: CVE-2017-5638 (Equifax information disclosure) and CVE-2018-11776. Apache Struts is a free open source framework for creating modern...
Cisco releases many patches, fixing IOS XE and small business router vulnerabilities-vulnerability warning-the black bar safety net
On Wednesday, Cisco Systems Inc. posted 26 patches, including bug fixes for its IOS-XE operating system and two small business routers, the RV320 and RV325. A total of 19 vulnerabilities were rated by Cisco at the severity level, and the other vulnerabilities were rated medium level. In the high severity...
UC Browser has a man-in-the-middle (MITM) vulnerability that could impact more than a billion devices-vulnerability warning-the black bar safety net
Researchers found that a vulnerable functional block in UC Browser can be exploited by attackers to perform MiTM attacks. Because UC Browser uses the HTTP protocol to communicate with the server, the transmitted information is not encrypted, so the would be attacker hook request...
What will come out of the printer next? On the current state and risks of UPnP use-vulnerability warning-the black bar safety net
Earlier this year, users of Chromecast streaming dongles, Google Home devices and smart TVs were forced to receive a promotional message for the YouTube channel PewDiePie. This hijacking is said by the tube top traffic UP the main are a fan of the battle for the thrown. Reported that hackers...
From 0 to reverse shell: practice on the Dvar router vulnerability range-vulnerability warning-the black bar safety net
Dvar is a router vulnerability practice range that simulates the ARM architecture. This article introduces how to get a reverse shell, covering environment setup, locating and exploiting the bugs, and lessons from this practice. 1. Knowledge base This...
WINDOWS 10 IOT CORE remote command execution vulnerability verification and recommendations-vulnerability warning-the black bar safety net
1. Overview: Recently, Ann days of microelectronics and embedded security development Department, Security days micro block, carried out a detailed analysis and validation of the security vulnerabilities in the Windows IoT operating system disclosed by the company SafeBreach. An attacker exploiting...
0CTF 2019 zero_task race condition exploitation-vulnerability warning-the black bar safety net
Foreword: the 0CTF2019 pwn challenge zerotask has the lowest difficulty among the pwn challenges; the vulnerability type is a race condition. 2. Challenge protections: full protection turned on. 3. Challenge function: the challenge implements encryption and decryption, with three functions in total. 1...
Using Semmle QL for vulnerability hunting, Part 2-vulnerability warning-the black bar safety net
The first part of this series introduced Semmle QL and how the Microsoft Security Response Center (MSRC) uses it to review vulnerabilities reported to us. This article discusses an example of how we use it proactively, including a security audit of an Azure firmware component. Th...
Analysis of a driver privilege escalation vulnerability-vulnerability warning-the black bar safety net
I. Foreword: As Microsoft constantly reinforces kernel security and raises the difficulty of exploiting native kernel components, third-party kernel drivers are gradually becoming attackers' preferred target and a focus of study for security analysts. Signed third-party driver...
ColdFusion FlashGateway deserialization vulnerability analysis-vulnerability warning-the black bar safety net
On February 12, 2019, Adobe officially released a security update patch for Adobe ColdFusion, numbered APSB19-10. As for analysis of the vulnerability, so far I have seen only one article online, https://paper.seebug.org/811/; although the article did not give too many details for our Munchkin, but...
.NET advanced code audit (fifth lesson): .NET Remoting deserialization vulnerability-vulnerability warning-the black bar safety net
In recent days, foreign security researcher Soroush Dalili (@irsdl) disclosed that .NET Remoting applications may carry a deserialization security risk: when the server uses the SoapServerFormatterSinkProvider class of the HTTP channel as the channel's receiver and will automatically deserialize the...
zzzphp V1.6.1 Remote Code Execution Vulnerability: a simple analysis-vulnerability warning-the black bar safety net
0x1 Foreword: The Prophet chanced to see an article, zzzphp V1.6.1 Remote Code Execution Vulnerability Analysis; template getshell is actually very common, and the fun of this vulnerability analysis is tracking the malicious code through the full process. It is a pity the Prophet on the author May in this...
.NET advanced code audit (fourth lesson): JavaScriptSerializer deserialization vulnerability-vulnerability warning-the black bar safety net
When .NET handles Ajax applications, serialization is usually provided by the JavaScriptSerializer class; it is a class that implements serialization internally after .NET 2.0, located in the namespace System.Web.Script.Serialization through the...
Achieving Steam client RCE through a buffer overflow in Server Info-vulnerability warning-the black bar safety net
Steam and Valve games such as CSGO, Half-Life and TF2 have a built-in server browser for finding game servers. To obtain information about these servers, the server browser uses what is called a server query, a specific UDP communicatio...
Router exploitation: stack overflow - constructing a reverse shell payload-vulnerability warning-the black bar safety net
The previous article covered constructing the ROP chain, where in the end directly calling the execve function lets the shellcode get a shell, but overflows on actual routers will not be so simple. Here we look together at a challenge in DVRF; this challenge is...
SAML vulnerability discovery and exploit-vulnerability warning-the black bar safety net
During a recent Web application test, I found a security vulnerability in the application's SAML (Security Assertion Markup Language) implementation. In implementing its SAML capabilities, the application used an unsafe practice, plus its own custom authentication mechanism is also present...
WordPress 5.1: from CSRF to RCE-vulnerability warning-the black bar safety net
I. Foreword. Note: this exploit and its environment are rather complex, and the actual value may not be very high, but it has some reference value for XSS and permissions management. Last month we published a WordPress 5.0 remote code execution (RCE) vulnerabilities required by the authentication...
WordPress 5.0.0 Remote Code Execution analytical thinking-vulnerability warning-the black bar safety net
On February 20, the RIPS team disclosed on its official website a WordPress 5.0.0 remote code execution, CVE number CVE-2019-6977. The article mainly mentions that with an account with author permissions, you can modify the Post Meta variable coverage, directory traversal write the file, the...
Early warning: multiple vulnerabilities in the March 2019 Microsoft patch day-vulnerability warning-the black bar safety net
GMT March 14, 2019: Microsoft issued a routine security update, patching vulnerabilities in multiple products including Internet Explorer, Edge, Exchange Server, ChakraCore, Windows, Office, NuGet Package Manager and .NET Framework. Of these 64 CVEs, 17 were rated as severe (Critical), 45 were rated as important (Important), o...
WordPress 5.1 CSRF lead to remote command execution vulnerability alerts-a vulnerability alert-the black bar safety net
Report number: B6-2019-031301. Report source: 360-CERT. Report author: 360-CERT. Update date: 2019-03-13. 0x00 Vulnerability background: On March 13, 2019, 360 CERT observed that RIPSTECH had released the contents of a WordPress 5.1 CSRF vulnerability that leads to remote code execution, the details...
.NET advanced code audit (third lesson): Fastjson deserialization vulnerability-vulnerability warning-the black bar safety net
In Java, Fastjson has had multiple deserialization vulnerabilities and bypass versions disclosed, and the .NET world also has a Fastjson library; its author officially states that this is the most efficient .NET component for reading and writing JSON, and using the built-in method JSON.ToJSON you can quickly serialize .NET objects. Let you easily achieve. Net of all...
All Intel processors face the new SPOILER attack, with no solution at the software level-vulnerability warning-the black bar safety net
Researchers found a vulnerability in address speculation in the proprietary implementation of Intel's memory subsystem; it leaks memory layout information, making bit-flipping Rowhammer attacks easier to perform. The SPOILER attack is different from the raging Spectre attack, it does not mention the right...
New Nexus Repository Manager 3 vulnerability is being used to spread a mining Trojan; users are advised to fix as soon as possible-vulnerability warning-the black bar safety net
Recently, Alibaba Cloud Security observed the watchbog mining Trojan using the newly disclosed Nexus Repository Manager 3 remote code execution vulnerability (CVE-2019-7238) for attacks and mining. It is worth noting that this attack Start Time 2 on 24th and 2 on 5 May above products, the...
.NET advanced code audit (second lesson): Json.Net deserialization vulnerability-vulnerability warning-the black bar safety net
Newtonsoft.Json is an open-source Json.Net library (official address: https://www.newtonsoft.com/json), a highly efficient .NET library for reading and writing JSON. During development, a lot of data exchange is transmitted in JSON format. While using Json, the...
Early warning: remote code execution risk in Windows domain environments-vulnerability warning-the black bar safety net
0x00 Event background: Recently, 360CERT observed that foreign security researchers disclosed an attack scheme that poses a serious threat to Windows domain environments, for the man in the middle attacks with the use of resource constrained delegation attack of a combination of ways...
Intel CPU Spoiler vulnerability alerts-a vulnerability alert-the black bar safety net
Spoiler is a speculative attack, found by researchers, that affects the Intel microprocessor architecture; it is a new microprocessor disclosure vulnerability that leaks key information about the mapping of physical pages to user-space processes. Spoiler with 2018 1 o...
Serious vulnerability disclosed in Saudi Arabian smartphone application Dalil: information of more than 500 million users leaked-vulnerability warning-the black bar safety net
Dalil is a smartphone application similar to Truecaller, but limited to users in Saudi Arabia and other Arab regions. The MongoDB database used by the application can be accessed online without entering a password, causing the user data of the continued leak of the we...
Android TV bug exposed that may cause users' private photos to leak-vulnerability warning-the black bar safety net
Recently, Twitter user prashanth reported that he found a bug in Android TV that may lead to users' private photos being leaked. When he connected to a Vu Android TV and selected “switch to another account”, he turned out to be able to view all with this TV the name of the person and the...
CVE-2019-5786: Chrome 0day exploited in the wild, vulnerability alert-a vulnerability alert-the black bar safety net
0x00 Vulnerability background: On March 6, Beijing time, 360CERT observed that Chrome released a version update (72.0.3626.119-72.0.3626.121) fixing CVE-2019-5786, which is being exploited in the wild. The harm of the vulnerability is relatively serious and its impact is large. 0x01 Vulnerability details: CVE-2019-5786 is located on the...
.NET advanced code audit (first lesson): XmlSerializer deserialization vulnerability-vulnerability warning-the black bar safety net
In the .NET framework, the XmlSerializer class is a great tool that maps highly structured XML data to .NET objects. The XmlSerializer class performs the conversion between XML documents and objects through a single API call in the program. The conversion mapping rules in the . N...
The 18-year-old who found the macOS keychain vulnerability decides to disclose all the details to Apple-vulnerability warning-the black bar safety net
Without getting any remuneration from Apple, Linus Henze decided to submit to Apple the serious bug he found in the macOS keychain (Keychain) security software. Previously he chose to withhold the bug details to protest Apple's lack of a Bug Bounty program for the macOS platform, but now he...
Test IE/EDGE collapse vulnerability of the availability-vulnerability warning-the black bar safety net
Given the rapid development of network attack technology, many browser developers have also added antivirus-like features to their products to help protect users from security threats. For example, Internet Explorer (IE) and Edge, compared to the previous, in addition to the in...
Router exploitation: introduction to stack overflow - constructing the ROP chain-vulnerability warning-the black bar safety net
The second stack overflow program in DVRF is stackbof2. The difference between this challenge and the previous one is that this challenge does not give us a backdoor function, so we need to construct our own shellcode to call. The README file also notes this, so the focus here is on the R...
Newly found Thunderclap vulnerability allows hackers to attack PCs using Thunderbolt/USB-C peripherals-vulnerability warning-the black bar safety net
Earlier, a group of researchers from the Cambridge University Department of Computer Science and Technology, Rice University, and Stanford Institute of International Studies announced a new vulnerability, Thunderclap, affecting all major platforms, including MacOS and Windows. The vulnerability affects...