Cybersecurity information flow

本文详细记录了对Zyxel 设备固件进行提取的方法和过程，并进行了详细分析。

In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data.
[GitHub]Update of https://github.com/1337g/CVE-2017-12149 to work with python3

" 在JBoss应用服务器随Red Hat企业应用平台5.2版中发现，HTTP Invoker的ReadOnlyAccessFilter类的doFilter方法没有限制对其执行反序列化的类，从而允许攻击者通过构造的序列化数据执行任意代码。\n[GitHub] 将https://github.com/1337g/CVE-2017-12149更新为支持python3。"

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later
[GitHub]writeup and PoC for CVE-2024-32766 (QNAP) OS command injection, chained attack for auth bypass.

" 已报告称，一种操作系统命令注入漏洞影响了多个QNAP操作系统版本。如果该漏洞被利用，用户可以通过网络执行命令。我们已在以下版本中修复了该漏洞：QTS 5.1.3.2578 build 20231110及之后的版本，QTS 4.5.4.2627 build 20231225及之后的版本，QuTS hero h5.1.3.2578 build 20231110及之后的版本，QuTS hero h4.5.4.2626 build 20231225及之后的版本，以及QuTScloud c5.1.5.2651及之后的版本。\n[GitHub] CVE-2024-32766（QNAP）操作系统命令注入的writeup和PoC，用于绕过认证的链式攻击。"

引言 在逆向工程领域，IDA Pro 是一款广受赞誉的反汇编和调试工具，它支持多种主流的指令集，为开发者和安全研究人员提供了强大的分析能力。然而，一些特殊的指令集，如 VMP（Virtual Machine Protection）指令集，可能并不在 IDA 的支持列表中。目前，随着攻防对抗技术的发 ...

创新沙盒解读：Antimatter。

Expriments

Open Source Surveillance is an affordable and powerful OSINT system designed for both companies and individuals. It allows to gather real-time geo data from a variety of social media platforms and numerous other open sources.
Try it on
Open Source Surveillance
Real time intelligence gathering tool
Links Other projects &

" 开源监控是一款实惠且强大的开源情报（OSINT）系统，适用于公司和个体用户。它允许从各种社交媒体平台和众多其他开源渠道实时收集地理数据。\n请尝试使用\n开源监控\n实时情报收集工具\n链接其他项目&"

VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.
[GitHub]Exploit CrushFTP CVE-2024-4040

" VFS沙箱逃逸在所有版本小于10.7.1和11.1.0的CrushFTP中，以及在所有平台上，允许具有低权限的远程攻击者从VFS沙箱之外的文件系统读取文件。\n[GitHub]利用CrushFTP CVE-2024-4040"

Exploring Honeypots And The Art of Cybersecurity Deception
Photo by Hanna Balan on Unsplash
Introduction
Ever wanted a front-row seat to watch attackers at work? Bored of reading about attacker techniques and frameworks like MITRE? Would you like to gain firsthand insight into how real-world attacks unfold? Honeypots are a great way to get that experience. What started as a small experiment after accidentally leaving a Python web server running on a test machine has turned into a personal project to dive deeper into honeypots and share the experience with you.
Honeypots offer a unique way to learn about cybersecurity attacks by attracting and studying real-world attackers. Setting up a honeypot allows you to observe and analyze threats in real-time, helping you gain practical experience and insight into how attackers operate. I’m exploring honeypots because I believe that to be effective in cybersecurity, you need to see the action up close, not just read about it.
Throughout this article, we’ll discuss what 

Welcome to the April edition of the VoIP and WebRTC security monthly newsletter. In this edition, we cover: Kamailio World 2024 review Our short and longer presentation on insecure Kamailio configuration patterns Changes to the newsletter Updates to T-Pot honeypot, sngrep security fixes, Mitel IP Phone vulnerabilities New security course on WebRTC by BlogGeek.me And some more! RTCSec newsletter is a free periodic newsletter bringing you commentary and news around VoIP and WebRTC security.

" 欢迎阅读本月VoIP和WebRTC安全每月通讯的四月版。在本期中，我们涵盖了以下内容：\n\n1. Kamailio World 2024回顾\n2. 我们关于不安全Kamailio配置模式的长短篇演讲\n3. 通讯录的更改\n4. T-Pot蜜罐、sngrep安全修复以及Mitel IP电话漏洞的更新\n5. BlogGeek.me推出的新WebRTC安全课程\n6. 以及其他内容！\n\nRTCSec通讯是一份免费的定期通讯，为您提供关于VoIP和WebRTC安全的评论和新闻。"

Simple reverse ICMP shell

Used for AI model generation, next-generation Blender rendering engine, texture enhancement&generation (based on ComfyUI)

Red Hat Security Advisory 2024-2377-03 - An update for zziplib is now available for Red Hat Enterprise Linux 9.

" 红帽安全公告2024-2377-03 - 针对红帽企业Linux 9的zziplib更新现已可用。"

Red Hat Security Advisory 2024-2387-03 - An update for mod_jk and mod_proxy_cluster is now available for Red Hat Enterprise Linux 9. Issues addressed include cross site scripting and information leakage vulnerabilities.

" 红帽安全公告2024-2387-03 - 针对Red Hat Enterprise Linux 9的mod_jk和mod_proxy_cluster更新现已可用。解决的问题包括跨站脚本和信息泄漏漏洞。"

Red Hat Security Advisory 2024-2394-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, double free, integer overflow, memory exhaustion, memory leak, null pointer, out of bounds access, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

" 红帽安全公告2024-2394-03 - 针对Red Hat Enterprise Linux 9的kernel更新现已可用。解决的问题包括代码执行、双释放、整数溢出、内存耗尽、内存泄漏、空指针、越界访问、越界读取、越界写入、权限提升以及使用后释放漏洞。"

Red Hat Security Advisory 2024-2396-03 - An update for squashfs-tools is now available for Red Hat Enterprise Linux 9. Issues addressed include a traversal vulnerability.

" 红帽安全公告2024-2396-03 - 现已为红帽企业Linux 9提供squashfs-tools更新。解决的问题包括一个遍历漏洞。"

Red Hat Security Advisory 2024-2410-03 - An update for harfbuzz is now available for Red Hat Enterprise Linux 9.

" 红帽安全公告2024-2410-03 - Harfbuzz 的更新现已适用于 Red Hat Enterprise Linux 9。"

Red Hat Security Advisory 2024-2433-03 - An update for avahi is now available for Red Hat Enterprise Linux 9.

" 红帽安全公告2024-2433-03 - 适用于红帽企业Linux 9的avahi更新现已可用。"

Red Hat Security Advisory 2024-2437-03 - An update for exfatprogs is now available for Red Hat Enterprise Linux 9.

" 红帽安全公告2024-2437-03 - 现已为红帽企业Linux 9提供exfatprogs更新。"

Red Hat Security Advisory 2024-2438-03 - An update for pam is now available for Red Hat Enterprise Linux 9.

" 红帽安全公告2024-2438-03 - 现已为红帽企业Linux 9提供pam更新。"

Red Hat Security Advisory 2024-2447-03 - An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

" 红帽安全公告2024-2447-03 - 针对Red Hat Enterprise Linux 9的openssl和openssl-fips-provider更新现已可用。解决的问题包括一个拒绝服务漏洞。"

Red Hat Security Advisory 2024-2456-03 - An update for grub2 is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, out of bounds read, and out of bounds write vulnerabilities.

" 红帽安全公告2024-2456-03 - 针对红帽企业Linux 9的grub2更新现已可用。解决的问题包括代码执行、越界读取和越界写入漏洞。"

Red Hat Security Advisory 2024-2463-03 - An update for systemd is now available for Red Hat Enterprise Linux 9.

" 红帽安全公告2024-2463-03 - 现已为红帽企业Linux 9提供systemd更新。"

Red Hat Security Advisory 2024-2483-03 - An update for traceroute is now available for Red Hat Enterprise Linux 9.

" 红帽安全公告2024-2483-03 - 适用于红帽企业Linux 9的traceroute更新现已可用。"

Red Hat Security Advisory 2024-2504-03 - An update for libssh is now available for Red Hat Enterprise Linux 9.

" 红帽安全公告2024-2504-03 - 适用于红帽企业Linux 9的libssh更新现已可用。"

Red Hat Security Advisory 2024-2512-03 - An update for file is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer over-read vulnerability.

" 红帽安全公告2024-2512-03 - Red Hat Enterprise Linux 9文件的更新现已可用。解决的问题包括缓冲区溢出漏洞。"

Red Hat Security Advisory 2024-2517-03 - An update for wpa_supplicant is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.

" 红帽安全公告2024-2517-03 - 针对红帽企业Linux 9的wpa_supplicant更新现已可用。解决的问题包括一个绕过漏洞。"

Red Hat Security Advisory 2024-2525-03 - An update for mingw-pixman is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow and out of bounds write vulnerabilities.

" 红帽安全公告2024-2525-03 - 现已为红帽企业Linux 9提供mingw-pixman更新。解决的问题包括整数溢出和越界写入漏洞。"

Red Hat Security Advisory 2024-2528-03 - An update for mingw-glib2 is now available for Red Hat Enterprise Linux 9.

" 红帽安全公告2024-2528-03 - 现已为红帽企业Linux 9提供mingw-glib2更新。"