From aa5950f60f052efc045aee3342d0c833d1059c8d Mon Sep 17 00:00:00 2001 From: "Set3r.Pan" Date: Tue, 29 Nov 2022 13:12:45 +0000 Subject: [PATCH 1/5] =?UTF-8?q?update=20Web=E5=AE=89=E5=85=A8/README.md.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Set3r.Pan --- Web安全/README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/Web安全/README.md b/Web安全/README.md index 250ca9a..534c83b 100644 --- a/Web安全/README.md +++ b/Web安全/README.md @@ -10,8 +10,15 @@ Only for research or learning, **DO NOT USE IT FOR ILLEGAL PURPOSES!** ## 目录   :fa-tags: [0x01 记一次捕获野生0day](./docs/0x01%20记一次捕获野生0day.md) +   :fa-tags: [0x02 Shiro-550漏洞 (CVE-2016-4437)分析](./docs/0x02%20Shiro-550%E6%BC%8F%E6%B4%9E%20%EF%BC%88CVE-2016-4437%EF%BC%89%E5%88%86%E6%9E%90.md) +   :fa-tags: [0x03 一次用友NC BshServlet拿webshell过程](./docs/0x03%20%E4%B8%80%E6%AC%A1%E7%94%A8%E5%8F%8BNC%20BshServlet%E6%8B%BFwebshell%E8%BF%87%E7%A8%8B.md) +   :fa-tags: [0x04 Apache Log4j2漏洞详解](./docs/0x04%20Apache%20Log4j2漏洞详解.md) +   :fa-tags: [0x05 敏感信息泄露+用户遍历=任意密码修改](./docs/0x05%20敏感信息泄露+用户遍历=任意密码修改.md) -  :fa-tags: [0x06 溯源反制之MySQL蜜罐研究](./docs/0x06%20%20溯源反制之MySQL蜜罐研究.md) + +  :fa-tags: [0x06 溯源反制之MySQL蜜罐研究](./docs/0x06%20溯源反制之MySQL蜜罐研究.md) + + From a761e6a615b09cf494d6fa9befeafc1737c9fe28 Mon Sep 17 00:00:00 2001 From: "Set3r.Pan" Date: Tue, 29 Nov 2022 13:14:35 +0000 Subject: [PATCH 2/5] =?UTF-8?q?update=20=E5=86=85=E7=BD=91=E5=AE=89?= =?UTF-8?q?=E5=85=A8/README.md.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Set3r.Pan --- 内网安全/README.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/内网安全/README.md b/内网安全/README.md index 9b0108c..c31a219 100644 --- a/内网安全/README.md +++ b/内网安全/README.md @@ -11,8 +11,13 @@ Only for research or learning, **DO NOT USE IT FOR ILLEGAL PURPOSES!** ## 目录   :fa-tags: [0x01 内网渗透之代理转发姿势](./docs/0x01%20内网渗透之代理转发姿势.md) +   :fa-tags: [0x02 使用Venom搭建二级代理](./docs/0x02%20使用Venom搭建二级代理.md) +   :fa-tags: [0x03 隐藏通信隧道技术(一)](./docs/0x03%20隐藏通信隧道技术(一).md) +   :fa-tags: [0x04 隐藏通信隧道技术(二)](./docs/0x04%20隐藏通信隧道技术(二).md) +   :fa-tags: [0x05 利用msfvenom生成木马](./docs/0x05%20利用msfvenom生成木马.md) -  :fa-tags: [0x06 利用msf自带的route模块穿透目标内网](./docs/0x06%20利用msf自带的route模块穿透目标内网.md) \ No newline at end of file + +  :fa-tags: [0x06 利用msf自带的route模块穿透目标内网](./docs/0x06%20利用msf自带的route模块穿透目标内网.md) From d541462f068b59c5193b08444602533a362864bb Mon Sep 17 00:00:00 2001 From: "Set3r.Pan" Date: Tue, 29 Nov 2022 13:18:41 +0000 Subject: [PATCH 3/5] =?UTF-8?q?update=20=E5=B9=B2=E8=B4=A7=E6=80=BB?= =?UTF-8?q?=E7=BB=93/README.md.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Set3r.Pan --- 干货总结/README.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/干货总结/README.md b/干货总结/README.md index 36cf37b..a347328 100644 --- a/干货总结/README.md +++ b/干货总结/README.md @@ -9,11 +9,17 @@ Collect relevant technical experience precipitation and dry goods summary of eac Only for research or learning, **DO NOT USE IT FOR ILLEGAL PURPOSES!** ## 目录 -  :fa-tags: [0x01 命令注入漏洞总结篇](./docs/0x01%20命令注入漏洞总结篇.md) +  :fa-tags: [0x01 命令注入漏洞总结篇](./docs/0x01%20命令注入漏洞总结篇.md) +   :fa-tags: [0x02 二十八种未授权访问漏洞合集](./docs/0x02%20二十八种未授权访问漏洞合集.md) +   :fa-tags: [0x03 Nginx之常见加固指南](./docs/0x03%20Nginx之常见加固指南.md) +   :fa-tags: [0x04 Linux后门总结-SSH利用篇](./docs/0x04%20Linux后门总结-SSH利用篇.md) +   :fa-tags: [0x05 Linux后门总结-各类隐藏技能](./docs/0x05%20Linux后门总结-各类隐藏技能.md) +   :fa-tags: [0x06 Linux后门总结-系统服务利用](./docs/0x06%20Linux后门总结-系统服务利用.md) +   :fa-tags: [0x07 kubernetes集群渗透测试](./docs/0x07%20kubernetes集群渗透测试.md) From 50011a5bfb7a4d5f64bec5bdd23632521c115fbe Mon Sep 17 00:00:00 2001 From: "Set3r.Pan" Date: Tue, 29 Nov 2022 13:19:20 +0000 Subject: [PATCH 4/5] =?UTF-8?q?update=20=E6=8A=80=E6=9C=AF=E6=B2=99?= =?UTF-8?q?=E9=BE=99/README.md.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Set3r.Pan --- 技术沙龙/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/技术沙龙/README.md b/技术沙龙/README.md index 51869e0..2f71a9d 100644 --- a/技术沙龙/README.md +++ b/技术沙龙/README.md @@ -10,5 +10,7 @@ Only for research or learning,**DO NOT USE IT FOR ILLEGAL PURPOSES!** ## 目录   :fa-tags: [0x01 近源攻击案例与思考分享](./docs/0x01%20近源攻击案例与思考分享.md) +   :fa-tags: [0x02 Eloma-rootkit改写之路](./docs/0x02%20Eloma-rootkit改写之路.md) -  :fa-tags: [0x03 netlink通信机制研究及内核攻击利用](./docs/0x03%20netlink通信机制研究及内核攻击利用.md) \ No newline at end of file + +  :fa-tags: [0x03 netlink通信机制研究及内核攻击利用](./docs/0x03%20netlink通信机制研究及内核攻击利用.md) From 495e2083c182f9ddcad3125af072c04d8dba12c5 Mon Sep 17 00:00:00 2001 From: "Set3r.Pan" Date: Tue, 29 Nov 2022 13:21:07 +0000 Subject: [PATCH 5/5] =?UTF-8?q?update=20=E7=BB=88=E7=AB=AF=E5=AE=89?= =?UTF-8?q?=E5=85=A8/README.md.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Set3r.Pan --- 终端安全/README.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/终端安全/README.md b/终端安全/README.md index 60dc0c0..adbf7e4 100644 --- a/终端安全/README.md +++ b/终端安全/README.md @@ -10,13 +10,23 @@ Only for research or learning, **DO NOT USE IT FOR ILLEGAL PURPOSES!** ## 目录   :fa-tags: [0x01 WPS For Linux存在代码执行漏洞(CNVD-2022-21863)](./docs/0x01%20WPS%20For%20Linux存在代码执行漏洞(CNVD-2022-21863).md) +   :fa-tags: [0x02 Sudo权限绕过漏洞(CVE-2019-14287)](./docs/0x02%20Sudo权限绕过漏洞(CVE-2019-14287).md) +   :fa-tags: [0x03 Linux Kernel openvswitch模块提权漏洞(CVE-2022-2639)](./docs/0x03%20Linux%20Kernel%20openvswitch模块提权漏洞(CVE-2022-2639).md) +   :fa-tags: [0x04 Polkit提权漏洞(CVE-2021-4034)](./docs/0x04%20Polkit提权漏洞(CVE-2021-4034).md) +   :fa-tags: [0x05 Linux Kernel DirtyPipe提权漏洞(CVE-2022-0847)](./docs/0x05%20Linux%20Kernel%20DirtyPipe提权漏洞(CVE-2022-0847).md) +   :fa-tags: [0x06 Sudo本地提权漏洞(CVE-2021-3156)](./docs/0x06%20Sudo本地提权漏洞(CVE-2021-3156).md) +   :fa-tags: [0x07 Linux Netfilter缓冲区溢出漏洞(CVE-2022-34918)](./docs/0x07%20Linux%20Netfilter缓冲区溢出漏洞(CVE-2022-34918).md) +   :fa-tags: [0x08 Linux Kernel 权限提升漏洞(CVE-2022-2588)](./docs/0x08%20Linux%20Kernel%20权限提升漏洞(CVE-2022-2588).md) +   :fa-tags: [0x09 麒麟传书远程代码执行漏洞(KVE-2022-1002)](./docs/0x09%20麒麟传书远程代码执行漏洞(KVE-2022-1002).md) +   :fa-tags: [0x10 kylin-activation任意文件写入漏洞(KVE-2022-0231)](./docs/0x10%20kylin-activation任意文件写入漏洞(KVE-2022-0231).md) -  :fa-tags: [0x11 AFLplusplus入门-实战化挖掘vim漏洞](https://gitee.com/openkylin/attack-defense-think-tank/blob/master/%E7%BB%88%E7%AB%AF%E5%AE%89%E5%85%A8/docs/0x11%20AFLplusplus%E5%85%A5%E9%97%A8-%E5%AE%9E%E6%88%98%E5%8C%96%E6%8C%96%E6%8E%98vim%E6%BC%8F%E6%B4%9E.md) \ No newline at end of file + +  :fa-tags: [0x11 AFLplusplus入门-实战化挖掘vim漏洞](https://gitee.com/openkylin/attack-defense-think-tank/blob/master/%E7%BB%88%E7%AB%AF%E5%AE%89%E5%85%A8/docs/0x11%20AFLplusplus%E5%85%A5%E9%97%A8-%E5%AE%9E%E6%88%98%E5%8C%96%E6%8C%96%E6%8E%98vim%E6%BC%8F%E6%B4%9E.md)