第十周/20211206红队推送

【漏洞研究】

Persistsolution - Sql Injection Vulnerability

https://cxsecurity.com/issue/WLB-2021120005

WordPress Plugin DZS Zoomsounds 6.45 Arbitrary File Read (Unauthenticated)(CVE-2021-39316)

https://cxsecurity.com/issue/WLB-2021120012

    WordPress DZS Zoomsounds 6.45 Arbitrary File Read：

    https://cxsecurity.com/issue/WLB-2021120021

WordPress Plugin Slider by Soliloquy 2.6.2 - 'title' Stored Cross Site Scripting (XSS) (Authenticated)

https://cxsecurity.com/issue/WLB-2021120019

Auerswald COMfortel 1400/2600/3600 IP Authentication Bypass(CVE-2021-40856)

https://seclists.org/fulldisclosure/2021/Dec/9

Ubuntu Overlayfs Local Privilege Escalation(CVE-2021-3493)

https://cxsecurity.com/issue/WLB-2021120022

Backdoor.Win32.Vernet.axt / Insecure Permissions(MVID-2021-0413)

https://seclists.org/fulldisclosure/2021/Dec/5

Backdoor.Win32.Bionet.10 / Authentication Bypass RCE(MVID-2021-0414)

https://seclists.org/fulldisclosure/2021/Dec/6

一个在 Linux 6pack 驱动程序中存在 16 年的漏洞分析：CVE-2021-42008

https://syst3mfailure.io/sixpack-slab-out-of-bounds

VMware vCenter (测试于7.0.2.00100) SSRF + XSS 未经授权任意文件读取

https://mp.weixin.qq.com/s/pWoInwVDM8p0ZL0hNWgK3Q

【红队工具】

ThePhish: 钓鱼邮件自动分析工具

https://securityonline.info/thephish-automated-phishing-email-analysis-tool/

XMGoat – Azure开源渗透测试工具

https://www.xmcyber.com/xmgoat-an-open-source-pentesting-tool-for-azure/

EDRHunt: 扫描 Windows 服务、驱动程序、进程、注册表以查找已安装的 EDR

https://github.com/FourCoreLabs/EDRHunt

开源、轻量、快速、跨平台 的红队内外网打点扫描器

https://github.com/redtoolskobe/scaninfo

一款可以探测Chrome插件的前端工具

https://github.com/neargle/crx-scouter

Proxy pool: Python爬虫代理IP池

https://github.com/jhao104/proxy\_pool

【红队文章】

关于DLL注入

https://infosecwriteups.com/dll-injection-dllinjector-d1b30c6760eb?source=rss----7b722bfd1b8d---4

Popping iOS <=14.7 with IOMFB

https://www.reddit.com/r/ReverseEngineering/comments/r5n5pq/popping\_ios\_147\_with\_iomfb/

SSRF漏洞利用与getshell实战（精选）

https://mp.weixin.qq.com/s/SGrZIhKmOdpmRE3cmb_XkA

分享一些更快速的刷SRC赏金的自动化挖洞技巧命令和工具协同

https://github.com/taielab/Taie-Bugbounty-killer

渗透工具实战技巧大合集

https://mp.weixin.qq.com/s/Y32hTQV-ggYFaHZ_p-p7Wg

钓鱼与社工系列之某信聊天记录解密

https://skewwg.github.io/2021/06/15/diao-yu-yu-she-gong-xi-lie-zhi-wei-xin-liao-tian-ji-lu-jie-mi/