Aggregator

针对ASP.NET MVC程序的CLR Profiler后门程序编写 - admin-神风

admin-神风
3 years 2 months ago
一、文章前述 关于CLR Profiler的基础部分我上篇文章已经讲过了,具体可以去看看 https://www.cnblogs.com/wh4am1/p/15143698.html 直接进入正文部分 二、重写MSIL部分 这次爬坑也挺久的,请教了公司的同事,最后经过多次调试之后总算把demo做出来
admin-神风

基于 OpenSSL 实现国密 SM4 加解密

她和她的猫
3 years 2 months ago
if (!in_array('sm4-cbc', openssl_get_cipher_methods())) { printf("不支持 sm4\n"); } $key = 'her-cat.com'; $iv = random_bytes(openssl_cipher_iv_length('sm4-cbc')); $plaintext = '她和她的猫'; $ciphertext = openssl_encrypt($plaintext, 'sm4-cbc', $key, OPENSSL_RAW_DATA , $iv); printf("加密结果: %s\n", bin2hex($ciphertext)); $original_plaintext = openssl_decrypt($ciphertext, 'sm4-cbc', $key, OPENSSL_RAW_DATA , $iv); p

UPX Packed Headaches

The Akamai Blog
3 years 2 months ago
Researching malware has many challenges. One of those challenges is obfuscated code and intentionally corrupted binaries. To address challenges like this, we've written a small tool in C that could fix intentionally corrupted binaries automatically. We also plan to open-source the project so other researchers could use it too, and perhaps improve and expand upon the tool's capabilities as needed.
Akamai SIRT

A New Attack Surface on MS Exchange Part 3 - ProxyShell!

DEVCORE 戴夫寇爾
3 years 2 months ago

This is a guest post DEVCORE collaborated with Zero Day Initiative (ZDI) and published at their blog, which describes the exploit chain we demonstrated at Pwn2Own 2021! Please visit the following link to read that :)

If you are interesting in more Exchange Server attacks, you can also check our series of articles:

With ProxyShell, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server through an exposed 443 port! Here is the demonstration video:

Cloudy with a chance of transparency

NCSC Feed
3 years 2 months ago
In part 2 of his Cloud Blog Trilogy, Andrew explains why it's better for everyone if cloud providers are willing to be open about how they run their services.

Managed ad