Security_Study

Malicious Excel Sheet with a NULL The file has been uploaded yesterday on VT (SHA256:1191d5c1dd7f6ac38b8d72bee37415b3ff1c28a8f907971443ac3a36906e8bf5)[1]. It's a classic Excel sheet: When you try to enable the macro, you see this: Indeed, the file does not contain a classic VBA macro: $ docker run -it --rm -v $(pwd):/malware rootshell/dssuite oledump.py 1191d5c1dd7f6ac38b8d72bee37415b3ff1c28a8f907971443ac3a36906e8bf5.vir 1: 107 '\x.. Read more
Ransomware summary by type Read more
OWASP Top 10 2017 RC summary The OWASP Top 10 2017 release candidate has been published. It is not yet final, but there will probably be no major changes. It does not differ much from the existing 2013 version; some vulnerabilities have been merged and new ones have been added. A1 Injection A2 Broken Authentication and Session Management A3 Cross-Site Scripting (XSS) A4 Broken Access Control (As it was in 2004) A5 Security Misconfiguration A6 Sensitive Data Exposure A7 Insufficient Attack Protection (NEW) A8 Cross-Site Request Forgery.. Read more
Comparison of JavaScript strings and VBScript strings Code Comparison JavaScript VBScript // This is a comment. /* Multi-line comment. */ 'This is a comment. Rem So is this. No multi-line comments. Variables, Constants, and Arrays var x, y var z = 10 No way to force variables to be declared No constants var Vector = new Array(10) var Names = new Array() var Matrix = new Array(4) Matrix[0] = new Array(5) Vector[9] = 1.5 Matrix[1][4] = 2 Dim x, y Dim z .. Read more
Mirai Scanning for Port 6789 Looking for New Victims Early today, a reader reported they were seeing a big spike to inbound tcp/6789 to their honeypots. We have seen similar on DShield's data started on December 17. It was actually a subject of discussion this weekend and this helpful data from Qihoo's Network Security Research lab attributes the large increase to Mirai, the default-password-compromising malware infected various IoT devices that a.. Read more
Adobe Flash Player flaws remain the most used by Exploit Kits Summary of Adobe Flash vulnerabilities and exploit kit tools Key Takeaways: Adobe Flash Player provided six of the top 10 vulnerabilities used by exploit kits in 2016. Since our 2015 ranking, Flash Player’s popularity with cyber criminals remains after increased Adobe security issue mitigation efforts. Vulnerabilities in Microsoft’s Internet Explorer, Windows, and Silverlight rounded out the top 10 vulnerabilities used by exploit.. Read more
Windows Kernel Exploitation Introduction: A plethora of attacks have illustrated that attacker specific code execution is possible through user mode applications/software. Hence, a lot of protection mechanisms are being put into place to prevent and detect such attacks in the operating system either through randomization, execution prevention, enhanced memory protection, etc. for user mode applications. However little work has .. Read more
Google Doodle - XSS (actually response splitting) In this post, I'll show an HTTP response splitting vulnerability, which I've found in Google Doodle website. If you don't know what response splitting is, Wikipedia sums it up pretty nicely: HTTP response splitting is a form of web application vulnerability, resulting from the failure of the application or its environment to properly sanitize input values. It can be used to perform cross-site scri.. Read more
Facebook and two dots leak In this post, I'll explain to you an interesting bug in Facebook, which made it possible to steal user's name and email as well as an access token that allowed to read person's friend list. This is a bug I personally consider my favourite bug bounty finding, you'll soon find out why :) It was discovered by me and @evil_xorb. With the link below, you can register to FriendFeed using your Facebook.. Read more
XSS via Host header - www.google.com/cse A few months ago I found a really fine XSS in Google's Custom Search Engine. The trick I needed to use doesn't seem to be broadly known and that's a pity as it sometimes might allow to make unexploitable exploitable. So here it is: XSS via Host header - Internet Explorer only. The trick was discovered by Sergey Bobrov (@Black2Fan) two years ago and still hasn't been fixed in IE11. Details of the.. Read more