Chaitin Baichuan Cloud - Article Details

Week 11 / 20211213 Red Team Digest

凌晨一点零三分

2024-07-13

===

【Special Recommendations】

Full disclosure of attack IOCs related to the Apache Log4j2 vulnerability (CVE-2021-44228)

https://mp.weixin.qq.com/s/WRgvxHs4eQhD4lcP4Ahs3g

Helps find log4j hosts that need to be fixed

https://github.com/fullhunt/log4j-scan

A single domain user is all it takes to obtain DC privileges

https://mp.weixin.qq.com/s/RvOndF3gdEZbgqrIPqXsUg

【Red Team Articles】

XXE basics primer

https://infosecwriteups.com/xxe-attacks-explained-5fc1d9cc7960

Getting root on Ubuntu through wishful thinking(CVE-2021-3939)

https://securitylab.github.com/research/ubuntu-accountsservice-CVE-2021-3939/

Understanding and avoiding Process Ghosting

https://pentestlaboratories.com/2021/12/08/process-ghosting/

In-depth analysis of CVE-2021-21220 (PWN2OWN 2021)

https://www.zerodayinitiative.com/blog/2021/12/8/understanding-the-root-cause-of-cve-2021-21220-a-chrome-bug-from-pwn2own-2021

New trends in cyberspace development as seen in the latest US defense budget documents

https://mp.weixin.qq.com/s/nJnMXCwBmrOS4CsUrALuhw

【Vulnerability Research】

PageWay Version 1.8 BETA SQL Injection Vulnerability

https://cxsecurity.com/issue/WLB-2021120031

Wordpress Plugin WP Guppy 1.1 - WP-JSON API Sensitive Information Disclosure

https://cxsecurity.com/issue/WLB-2021120032

Reprise License Manager 14.2

https://cxsecurity.com/issue/WLB-2021120033

MTPutty 1.0.1.21 - SSH Password Disclosure

https://cxsecurity.com/issue/WLB-2021120035

Student Management System 1.0 - SQLi Authentication Bypass

https://cxsecurity.com/issue/WLB-2021120036

Employees Daily Task Management System 1.0 - 'username' SQLi Authentication Bypass

https://cxsecurity.com/issue/WLB-2021120037

Chikitsa Patient Management System 2.0.2 - 'plugin' Remote Code Execution (RCE) (Authenticated)

https://cxsecurity.com/issue/WLB-2021120038

TestLink 1.19 - Arbitrary File Download (Unauthenticated)

https://cxsecurity.com/issue/WLB-2021120039

Raspberry Pi 5.10 - Default Credentials

https://cxsecurity.com/issue/WLB-2021120040

Grafana 8.3.0 - Directory Traversal and Arbitrary File Read

https://cxsecurity.com/issue/WLB-2021120041

Free School Management Software 1.0 - Remote Code Execution (RCE)

https://cxsecurity.com/issue/WLB-2021120042

OpenCATS 0.9.4 Remote Code Execution

https://cxsecurity.com/issue/WLB-2021120043

LimeSurvey 5.2.4 Remote Code Execution

https://cxsecurity.com/issue/WLB-2021120044

Microsoft Office Word MSHTML Remote Code Execution

https://cxsecurity.com/issue/WLB-2021120045

FiveM & Gmod Loading Screen Maker Free | SQL Injection Vulnerability

https://cxsecurity.com/issue/WLB-2021120047

Wordpress Plugin Catch Themes Demo Import 1.6.1 - Remote Code Execution (RCE) (Authenticated)

https://cxsecurity.com/issue/WLB-2021120048
