Aggregator

A vulnerability was found in Darryl Burgdorf Webhints 1.3 and classified as critical. This issue affects some unknown processing of the file hints.pl. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-2005-1950. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Microsoft Windows 2000/Server 2003/XP. It has been declared as critical. This vulnerability affects unknown code of the component Transaction Internet Protocol Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2005-1979. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in Microsoft Windows. Affected by this issue is some unknown functionality. The manipulation leads to denial of service. This vulnerability is handled as CVE-2005-1980. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Microsoft Windows. This affects the function ndrallocate in the library msdtcprx.dll of the component Distributed Transaction Coordinator. The manipulation leads to improper privilege management. This vulnerability is uniquely identified as CVE-2005-2119. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

美国白宫发布新行政令修订网络安全政策，聚焦应对外国网络威胁、推进安全软件开发、防范网络劫持、发展后量子密码技术等措施，并调整AI应用重点及限定网络制裁范围。

A vulnerability was found in CARE2X and classified as critical. Affected by this issue is some unknown functionality of the file inc_front_chain_lang.php. The manipulation of the argument root_path leads to improper privilege management. This vulnerability is handled as CVE-2007-1458. The attack may be launched remotely. Furthermore, there is an exploit available.

作者分享了在20天内通过CISSP考试的经验，强调实际工作经验和前期知识储备的重要性，并提供了备考计划和资源建议。

立即查看详情 →

A vulnerability was found in Celk Sistemas Celk Saude up to 3.1.252.1 and classified as problematic. This issue affects some unknown processing of the component PDF File Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-55199. The attack may be initiated remotely. There is no exploit available.

NoSQL注入是一种针对非关系型数据库的攻击方式,可能导致数据泄露、权限提升甚至系统被控制。通过注入恶意代码或操作符,攻击者可绕过安全逻辑或窃取敏感信息。Rocket.Chat等案例展示了其严重性。输入验证、参数化查询等方法可有效预防此类攻击。

文章探讨了Hacker ImageCloud渗透测试在云安全中的重要性，并介绍了使用AWSReaper等工具进行实战技巧。重点分析了AWS环境中的身份管理、存储桶权限和网络配置问题，为红队成员提供了实用方法。

文章介绍了Beacon Object Files (BOFs) 在C2框架中的功能及其开发挑战，并推出了一款名为boflint的工具来检测和解决BOF开发中的常见问题。该工具通过检查COFF文件的节、符号和重定位信息，在编译后识别潜在问题，如未解析的导入、不支持的重定位类型等，从而提高BOFs在不同框架中的兼容性和可靠性。

Windows临时文件夹中的符号链接绕过机制允许普通用户删除受保护系统文件，无需管理员权限。该漏洞存在于Acronis True Image 2021中，利用目录连接攻击实现。

文章描述了作者在Acronis True Image 2021中发现的本地权限提升漏洞。通过创建目录连接绕过符号链接保护机制，普通用户可删除受保护系统文件如hosts文件。该漏洞可能导致系统配置错误或破坏持久性机制。Acronis已修复该问题，并向作者支付了250美元赏金。

文章探讨了通过多层XOR混淆技术结合位移、Base64等方法对抗静态分析工具的方式，并介绍了如何利用随机化和动态逻辑增强混淆效果。同时提出了熵分析、沙箱 detonation 等防御手段。

文章探讨了通过结合位移、Base64和动态逻辑等技术对XOR进行分层混淆的方法,展示了如何将简单的编码变成静态分析工具难以解析的复杂结构,并提供了实现代码和防御建议。

Notepad++ v8.8.1被发现存在严重漏洞（CVE-2025-49144），攻击者可利用该漏洞通过操控regsvr32.exe路径获取系统权限。安装程序在当前目录搜索依赖项时未验证文件来源，导致恶意代码执行。该漏洞可能与钓鱼攻击结合使用，增加风险。建议采用绝对路径、验证文件签名等措施防范。

Notepad++ v8.8.1 存在严重漏洞（CVE-2025-49144），攻击者可利用该漏洞通过恶意 regsvr32.exe 文件获得系统级权限。漏洞源于安装程序未验证依赖项路径的安全性。攻击者可结合钓鱼攻击传播恶意文件，在安装过程中触发漏洞以获取系统控制权。建议使用绝对路径、验证文件完整性及避免从不受信任目录加载依赖项以防范此类风险。

作者通过一种被忽视的侦察方法发现Fortune 500公司的SSRF漏洞，获得1万美元回报。强调90%黑客忽视关键侦察步骤，如被动侦察（Shodan、Wayback Machine、GitHub Leaks），并指出正确心态比工具更重要。

作者通过一种被大多数黑客忽视的侦察方法发现了 Fortune 500 公司中的关键 SSRF 漏洞，获得 1 万美元赏金。他强调 90% 的黑客在侦察阶段失败，并分享了被动侦察技巧（如 Shodan、Wayback Machine 和 GitHub 搜索），认为正确的侦察心态比工具更重要。