기술 문서 자료 (2021.02 - 2주)

[Exploitation]

⦿ CVE-2020-24581 D-Link DSL-2888A Remote Command Execution -  Stella Sebastian

D-Link DSL-2888A에서 발생하는 RCE 분석

https://reconshell.com/cve-2020-24581-d-link-dsl-2888a-remote-command-execution/

 

⦿ CVE-2020-27932: iOS Kernel privesc with turnstiles - Ian Beer

https://googleprojectzero.blogspot.com/p/rca-cve-2020-27932.html

 

⦿ Exploiting crash handlers: LPE on Ubuntu - Itai Greenhut

https://alephsecurity.com/2021/02/16/apport-lpe/

 

⦿ Hunting for bugs in Telegram's animated stickers remote attack surface - shielder

https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/

 

⦿ Kernel Pwnable repo - smallkirby

https://github.com/smallkirby/kernelpwn

 

⦿ Microsoft Hyper-V Virtual Network Switch VmsMpCommonPvtSetRequestCommon Out of Bounds Read - Alisa Esage Шевченко

https://zerodayengineering.com/blog/hyper-v-vmswitch-oobr.html

 

⦿ WINDOWS KERNEL ZERO-DAY EXPLOIT (CVE-2021-1732) IS USED BY BITTER APT IN TARGETED ATTACK - DBAPPSecurity

https://ti.dbappsecurity.com.cn/blog/index.php/2021/02/10/windows-kernel-zero-day-exploit-is-used-by-bitter-apt-in-targeted-attack/

 

⦿ ZDI-20-1440 Writeup - HexRabbit

https://blog.hexrabbit.io/2021/02/07/ZDI-20-1440-writeup/

 

 

[Web]

⦿ Escalating SSRF to RCE - Alserda(sanderwind)

https://sanderwind.medium.com/escalating-ssrf-to-rce-7c0147371c40

 

 

[Network]

⦿ Relaying 101 - Daniel

https://luemmelsec.github.io/Relaying-101/

 

 

 

[Cyber Operation, Malware]

⦿ Egregor Ransomware - An In-Depth Analysis - Tom Roter

https://blog.minerva-labs.com/egregor-ransomware-an-in-depth-analysis

 

⦿ Internals of Lazarus Operation Dream Job - 0xthreatintel

https://0xthreatintel.medium.com/internals-of-lazarus-operation-dream-job-7ced9fc7da3e

 

 

[리버싱, 펜테스팅, 분석]

⦿ Analyzing Clubhouse for fun and profit - Theori

https://theori.io/research/korean/analyzing-clubhouse/

 

⦿ Kubernetes Pentest Methodology - Or Ida

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-1

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-2

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-3

 

⦿ Methodology for Static Reverse Engineering of Windows Kernel Drivers - Matt Hand

https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83

 

⦿ Pentest Tips and Tricks - jivoi

https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/

https://jivoi.github.io/2015/08/21/pentest-tips-and-tricks-number-2/

 

⦿ Remote Desktop Connection (mstsc.exe) Screen in a Memory Dump Analysis - Rifqi Ardia Ramadhan

https://medium.com/mii-cybersec/remote-desktop-connection-mstsc-exe-screen-in-a-memory-dump-analysis-e7e00895dd4a

 

⦿ Using eBPF to uncover in-memory loading - Pat H

eBPF를 이용하여 멀웨어가 파이프를 사용하여 인 메모리 로드를 수행할 때 기록하는 방법

https://blog.tofile.dev/2021/02/15/ebpf-01.html

 

 

[CTF, Wargame]

⦿ Book HackTheBox Walkthrough - Raj Chandel

hackingarticles.in/book-hackthebox-walkthrough/

 

⦿ Remote HackTheBox Walkthrough - Raj Chandel

https://www.hackingarticles.in/remote-hackthebox-walkthrough/

 

 

[기타]

⦿ Line CTF

- Date: 20.03.2021 00:00 UTC ~ 21.03.2021 00:00 UTC (24 hours)

https://linectf.me

 

⦿ Quarkslab Challenge

https://quarkslab.com/challenge-quarkslab-2021/

 

[툴]