[ { "title": "『2024GeekCTF』stkbof-初识hexagon架构PWN", "link": "https://xz.aliyun.com/t/16695", "published": "2024-12-10T20:27:00+08:00", "id": "https://xz.aliyun.com/t/16695", "summary": { "@type": "html", "#text": "『2024GeekCTF』stkbof-初识hexagon架构PWN" } }, { "title": "THM 靶场 — Overpass-writeup", "link": "https://xz.aliyun.com/t/16694", "published": "2024-12-10T20:07:42+08:00", "id": "https://xz.aliyun.com/t/16694", "summary": { "@type": "html", "#text": "THM 靶场 — Overpass-writeup" } }, { "title": "春秋云境-无间计划 WP", "link": "https://xz.aliyun.com/t/16693", "published": "2024-12-10T17:31:04+08:00", "id": "https://xz.aliyun.com/t/16693", "summary": { "@type": "html", "#text": "春秋云境-无间计划 WP" } }, { "title": "S8强网杯 IRE-sbgwd打通VPN隧道进行内网渗透利用命令注入", "link": "https://xz.aliyun.com/t/16691", "published": "2024-12-10T16:39:00+08:00", "id": "https://xz.aliyun.com/t/16691", "summary": { "@type": "html", "#text": "S8强网杯 IRE-sbgwd打通VPN隧道进行内网渗透利用命令注入" } }, { "title": "Sharp4Byass2SYSTEM:一款通过令牌复制将进程提升至SYSTEM权限的工具", "link": "https://xz.aliyun.com/t/16690", "published": "2024-12-10T16:19:13+08:00", "id": "https://xz.aliyun.com/t/16690", "summary": { "@type": "html", "#text": "Sharp4Byass2SYSTEM:一款通过令牌复制将进程提升至SYSTEM权限的工具" } }, { "title": "高危逻辑漏洞-Web3+Web2前端结合的ABI任意调用实现链上交易免gas", "link": "https://xz.aliyun.com/t/16689", "published": "2024-12-10T15:30:56+08:00", "id": "https://xz.aliyun.com/t/16689", "summary": { "@type": "html", "#text": "高危逻辑漏洞-Web3+Web2前端结合的ABI任意调用实现链上交易免gas" } }, { "title": "关于CTF-RSA题目类型解题思路", "link": "https://xz.aliyun.com/t/16688", "published": "2024-12-10T15:17:00+08:00", "id": "https://xz.aliyun.com/t/16688", "summary": { "@type": "html", "#text": "关于CTF-RSA题目类型解题思路" } }, { "title": "某系统渗透测试", "link": "https://xz.aliyun.com/t/16687", "published": "2024-12-10T15:15:45+08:00", "id": "https://xz.aliyun.com/t/16687", "summary": { "@type": "html", "#text": "某系统渗透测试" } }, { "title": "HITCTF2024 wget wp", "link": "https://xz.aliyun.com/t/16686", "published": "2024-12-10T14:47:51+08:00", "id": "https://xz.aliyun.com/t/16686", "summary": { "@type": "html", "#text": "HITCTF2024 wget wp" } }, { "title": "S8强网杯 RealWorld部分 IRE详解", "link": "https://xz.aliyun.com/t/16684", "published": "2024-12-10T14:37:16+08:00", "id": "https://xz.aliyun.com/t/16684", "summary": { "@type": "html", "#text": "S8强网杯 RealWorld部分 IRE详解" } }, { "title": "ez_Gallery预期解之内存马挖掘", "link": "https://xz.aliyun.com/t/16683", "published": "2024-12-10T13:40:06+08:00", "id": "https://xz.aliyun.com/t/16683", "summary": { "@type": "html", "#text": "ez_Gallery预期解之内存马挖掘" } }, { "title": "从302跳转打到fastcgi", "link": "https://xz.aliyun.com/t/16681", "published": "2024-12-10T12:23:34+08:00", "id": "https://xz.aliyun.com/t/16681", "summary": { "@type": "html", "#text": "从302跳转打到fastcgi" } }, { "title": "fastjson之parse和parseobject利用差异", "link": "https://xz.aliyun.com/t/16680", "published": "2024-12-10T12:20:07+08:00", "id": "https://xz.aliyun.com/t/16680", "summary": { "@type": "html", "#text": "fastjson之parse和parseobject利用差异" } }, { "title": "2023巅峰极客-BabyURL复现分析", "link": "https://xz.aliyun.com/t/16678", "published": "2024-12-10T11:20:31+08:00", "id": "https://xz.aliyun.com/t/16678", "summary": { "@type": "html", "#text": "2023巅峰极客-BabyURL复现分析" } }, { "title": "[强网拟态2024 final] Jemalloc heap: Every Fold Reveals A Side详解", "link": "https://xz.aliyun.com/t/16676", "published": "2024-12-10T09:20:38+08:00", "id": "https://xz.aliyun.com/t/16676", "summary": { "@type": "html", "#text": "[强网拟态2024 final] Jemalloc heap: Every Fold Reveals A Side详解" } }, { "title": "深入探索:利用 io_uring 实现高效的 Shellcode 攻击", "link": "https://xz.aliyun.com/t/16675", "published": "2024-12-10T00:33:03+08:00", "id": "https://xz.aliyun.com/t/16675", "summary": { "@type": "html", "#text": "深入探索:利用 io_uring 实现高效的 Shellcode 攻击" } }, { "title": "House Of Corrosion与House Of Husk的交叉利用", "link": "https://xz.aliyun.com/t/16674", "published": "2024-12-10T00:32:04+08:00", "id": "https://xz.aliyun.com/t/16674", "summary": { "@type": "html", "#text": "House Of Corrosion与House Of Husk的交叉利用" } }, { "title": "实战自动化加解密&加密场景下的暴力破解", "link": "https://xz.aliyun.com/t/16673", "published": "2024-12-10T00:20:00+08:00", "id": "https://xz.aliyun.com/t/16673", "summary": { "@type": "html", "#text": "实战自动化加解密&加密场景下的暴力破解" } }, { "title": "Ptmalloc2源代码分析(Glibc内存管理)", "link": "https://xz.aliyun.com/t/16672", "published": "2024-12-09T23:29:29+08:00", "id": "https://xz.aliyun.com/t/16672", "summary": { "@type": "html", "#text": "Ptmalloc2源代码分析(Glibc内存管理)" } }, { "title": "总结在 CTF-PWN 中遇到的 shellcode 利用", "link": "https://xz.aliyun.com/t/16670", "published": "2024-12-09T23:18:01+08:00", "id": "https://xz.aliyun.com/t/16670", "summary": { "@type": "html", "#text": "总结在 CTF-PWN 中遇到的 shellcode 利用" } }, { "title": "基于armv7l架构的进程注入研究——使用ptrace注入shellcode", "link": "https://xz.aliyun.com/t/16668", "published": "2024-12-09T22:42:19+08:00", "id": "https://xz.aliyun.com/t/16668", "summary": { "@type": "html", "#text": "基于armv7l架构的进程注入研究——使用ptrace注入shellcode" } }, { "title": "Apache Common Jelly浅析", "link": "https://xz.aliyun.com/t/16667", "published": "2024-12-09T22:13:02+08:00", "id": "https://xz.aliyun.com/t/16667", "summary": { "@type": "html", "#text": "Apache Common Jelly浅析" } }, { "title": "PolarD&N--2024冬季个人挑战赛--Crypto-WP", "link": "https://xz.aliyun.com/t/16666", "published": "2024-12-09T22:00:48+08:00", "id": "https://xz.aliyun.com/t/16666", "summary": { "@type": "html", "#text": "PolarD&N--2024冬季个人挑战赛--Crypto-WP" } }, { "title": "Web安全--业务逻辑漏洞篇", "link": "https://xz.aliyun.com/t/16665", "published": "2024-12-09T21:57:00+08:00", "id": "https://xz.aliyun.com/t/16665", "summary": { "@type": "html", "#text": "Web安全--业务逻辑漏洞篇" } }, { "title": "2024 polarctf 冬季个人挑战赛 web wp", "link": "https://xz.aliyun.com/t/16664", "published": "2024-12-09T21:40:37+08:00", "id": "https://xz.aliyun.com/t/16664", "summary": { "@type": "html", "#text": "2024 polarctf 冬季个人挑战赛 web wp" } }, { "title": "JsonPickle调试分析原理及WAF绕过", "link": "https://xz.aliyun.com/t/16661", "published": "2024-12-09T21:01:00+08:00", "id": "https://xz.aliyun.com/t/16661", "summary": { "@type": "html", "#text": "JsonPickle调试分析原理及WAF绕过" } }, { "title": "求被异或算法加密文件的KEY的骚操作", "link": "https://xz.aliyun.com/t/16659", "published": "2024-12-09T17:19:38+08:00", "id": "https://xz.aliyun.com/t/16659", "summary": { "@type": "html", "#text": "求被异或算法加密文件的KEY的骚操作" } }, { "title": "从国城杯Ez_Gallery实现寻找WSGIRef内存马和Response响应头外带以及栈帧回显的尝试", "link": "https://xz.aliyun.com/t/16657", "published": "2024-12-09T15:55:00+08:00", "id": "https://xz.aliyun.com/t/16657", "summary": { "@type": "html", "#text": "从国城杯Ez_Gallery实现寻找WSGIRef内存马和Response响应头外带以及栈帧回显的尝试" } }, { "title": "kernel从小白到大神(六)-USMA", "link": "https://xz.aliyun.com/t/16656", "published": "2024-12-09T15:53:42+08:00", "id": "https://xz.aliyun.com/t/16656", "summary": { "@type": "html", "#text": "kernel从小白到大神(六)-USMA" } }, { "title": "一道题了解虚拟机本身的机制实现的shellcode", "link": "https://xz.aliyun.com/t/16655", "published": "2024-12-09T15:36:44+08:00", "id": "https://xz.aliyun.com/t/16655", "summary": { "@type": "html", "#text": "一道题了解虚拟机本身的机制实现的shellcode" } }, { "title": "protobuf脱壳二进制漏洞总结", "link": "https://xz.aliyun.com/t/16654", "published": "2024-12-09T14:47:44+08:00", "id": "https://xz.aliyun.com/t/16654", "summary": { "@type": "html", "#text": "protobuf脱壳二进制漏洞总结" } }, { "title": "分享一次 C++ PWN 出题经历——深入研究异常处理机制", "link": "https://xz.aliyun.com/t/16652", "published": "2024-12-09T14:40:53+08:00", "id": "https://xz.aliyun.com/t/16652", "summary": { "@type": "html", "#text": "分享一次 C++ PWN 出题经历——深入研究异常处理机制" } }, { "title": "实现xxl-job-executor 1.9.2阉割版Jetty服务的Handler内存马", "link": "https://xz.aliyun.com/t/16651", "published": "2024-12-09T13:49:53+08:00", "id": "https://xz.aliyun.com/t/16651", "summary": { "@type": "html", "#text": "实现xxl-job-executor 1.9.2阉割版Jetty服务的Handler内存马" } }, { "title": "域渗透入门靶机之HTB-Administrator", "link": "https://xz.aliyun.com/t/16650", "published": "2024-12-09T13:35:23+08:00", "id": "https://xz.aliyun.com/t/16650", "summary": { "@type": "html", "#text": "域渗透入门靶机之HTB-Administrator" } }, { "title": "对pyramid框架无回显的学习---以一道ctf题目为例", "link": "https://xz.aliyun.com/t/16653", "published": "2024-12-09T12:10:00+08:00", "id": "https://xz.aliyun.com/t/16653", "summary": { "@type": "html", "#text": "对pyramid框架无回显的学习---以一道ctf题目为例" } }, { "title": "ATT&CK红队评估实战靶场二", "link": "https://xz.aliyun.com/t/16648", "published": "2024-12-09T12:04:52+08:00", "id": "https://xz.aliyun.com/t/16648", "summary": { "@type": "html", "#text": "ATT&CK红队评估实战靶场二" } }, { "title": "[强网杯2024 Final] PWN1-heap 详解 (AES+2.31 unlink)", "link": "https://xz.aliyun.com/t/16647", "published": "2024-12-09T11:01:22+08:00", "id": "https://xz.aliyun.com/t/16647", "summary": { "@type": "html", "#text": "[强网杯2024 Final] PWN1-heap 详解 (AES+2.31 unlink)" } }, { "title": "某某新闻逆向分析", "link": "https://xz.aliyun.com/t/16646", "published": "2024-12-09T10:38:07+08:00", "id": "https://xz.aliyun.com/t/16646", "summary": { "@type": "html", "#text": "某某新闻逆向分析" } }, { "title": "免杀基础-线程劫持", "link": "https://xz.aliyun.com/t/16645", "published": "2024-12-09T09:50:00+08:00", "id": "https://xz.aliyun.com/t/16645", "summary": { "@type": "html", "#text": "免杀基础-线程劫持" } }, { "title": "2024 强网杯决赛PWN部分解", "link": "https://xz.aliyun.com/t/16642", "published": "2024-12-08T23:39:16+08:00", "id": "https://xz.aliyun.com/t/16642", "summary": { "@type": "html", "#text": "2024 强网杯决赛PWN部分解" } }, { "title": "Windows hook框架Detours踩坑", "link": "https://xz.aliyun.com/t/16641", "published": "2024-12-08T22:48:32+08:00", "id": "https://xz.aliyun.com/t/16641", "summary": { "@type": "html", "#text": "Windows hook框架Detours踩坑" } }, { "title": "2024“国城杯”网络安全挑战大赛web方向部分wp", "link": "https://xz.aliyun.com/t/16640", "published": "2024-12-08T22:06:01+08:00", "id": "https://xz.aliyun.com/t/16640", "summary": { "@type": "html", "#text": "2024“国城杯”网络安全挑战大赛web方向部分wp" } }, { "title": "Apache Commons Jelly漏洞分析", "link": "https://xz.aliyun.com/t/16637", "published": "2024-12-08T21:00:20+08:00", "id": "https://xz.aliyun.com/t/16637", "summary": { "@type": "html", "#text": "Apache Commons Jelly漏洞分析" } }, { "title": "polar2024冬季个人挑战赛 re部分题解", "link": "https://xz.aliyun.com/t/16636", "published": "2024-12-08T20:47:19+08:00", "id": "https://xz.aliyun.com/t/16636", "summary": { "@type": "html", "#text": "polar2024冬季个人挑战赛 re部分题解" } }, { "title": "从2024年网鼎杯半决赛入门IOT————IOT网络协议分析babyRTP", "link": "https://xz.aliyun.com/t/16635", "published": "2024-12-08T20:35:18+08:00", "id": "https://xz.aliyun.com/t/16635", "summary": { "@type": "html", "#text": "从2024年网鼎杯半决赛入门IOT————IOT网络协议分析babyRTP" } }, { "title": "入门级badusb框架的实现", "link": "https://xz.aliyun.com/t/16633", "published": "2024-12-08T17:11:38+08:00", "id": "https://xz.aliyun.com/t/16633", "summary": { "@type": "html", "#text": "入门级badusb框架的实现" } }, { "title": "内存马生成工具JMG的哥斯拉插件:jmgg", "link": "https://xz.aliyun.com/t/16632", "published": "2024-12-08T16:49:18+08:00", "id": "https://xz.aliyun.com/t/16632", "summary": { "@type": "html", "#text": "内存马生成工具JMG的哥斯拉插件:jmgg" } }, { "title": "pyramid 框架无回显挖掘", "link": "https://xz.aliyun.com/t/16631", "published": "2024-12-08T16:04:25+08:00", "id": "https://xz.aliyun.com/t/16631", "summary": { "@type": "html", "#text": "pyramid 框架无回显挖掘" } }, { "title": "代码审计 - MCMS v5.4.1 0day挖掘", "link": "https://xz.aliyun.com/t/16630", "published": "2024-12-08T15:33:10+08:00", "id": "https://xz.aliyun.com/t/16630", "summary": { "@type": "html", "#text": "代码审计 - MCMS v5.4.1 0day挖掘" } }, { "title": "从HECTF ezjava 入手 Vaadin 调用链挖掘", "link": "https://xz.aliyun.com/t/16627", "published": "2024-12-08T13:06:14+08:00", "id": "https://xz.aliyun.com/t/16627", "summary": { "@type": "html", "#text": "从HECTF ezjava 入手 Vaadin 调用链挖掘" } }, { "title": "x86汇编与编写shellcode", "link": "https://xz.aliyun.com/t/16626", "published": "2024-12-08T11:49:46+08:00", "id": "https://xz.aliyun.com/t/16626", "summary": { "@type": "html", "#text": "x86汇编与编写shellcode" } }, { "title": "PolarCTF-2024冬季赛 (WEB)", "link": "https://xz.aliyun.com/t/16624", "published": "2024-12-08T10:49:52+08:00", "id": "https://xz.aliyun.com/t/16624", "summary": { "@type": "html", "#text": "PolarCTF-2024冬季赛 (WEB)" } }, { "title": "PE 文件结构剖析:手工压缩与注入实战", "link": "https://xz.aliyun.com/t/16622", "published": "2024-12-08T02:05:35+08:00", "id": "https://xz.aliyun.com/t/16622", "summary": { "@type": "html", "#text": "PE 文件结构剖析:手工压缩与注入实战" } }, { "title": "qwb-final-dataease代码审计", "link": "https://xz.aliyun.com/t/16620", "published": "2024-12-07T22:56:00+08:00", "id": "https://xz.aliyun.com/t/16620", "summary": { "@type": "html", "#text": "qwb-final-dataease代码审计" } }, { "title": "2024 国城杯 WriteUp", "link": "https://xz.aliyun.com/t/16615", "published": "2024-12-07T19:16:17+08:00", "id": "https://xz.aliyun.com/t/16615", "summary": { "@type": "html", "#text": "2024 国城杯 WriteUp" } }, { "title": "2024 国城杯取证 Just_F0r3n51Cs", "link": "https://xz.aliyun.com/t/16612", "published": "2024-12-07T17:25:45+08:00", "id": "https://xz.aliyun.com/t/16612", "summary": { "@type": "html", "#text": "2024 国城杯取证 Just_F0r3n51Cs" } }, { "title": "如何HOST碰撞挖掘隐蔽资产", "link": "https://xz.aliyun.com/t/16611", "published": "2024-12-07T17:10:22+08:00", "id": "https://xz.aliyun.com/t/16611", "summary": { "@type": "html", "#text": "如何HOST碰撞挖掘隐蔽资产" } }, { "title": "2024国城杯初赛 re部分wp", "link": "https://xz.aliyun.com/t/16610", "published": "2024-12-07T17:10:19+08:00", "id": "https://xz.aliyun.com/t/16610", "summary": { "@type": "html", "#text": "2024国城杯初赛 re部分wp" } }, { "title": "分析探究Java原生链反序列化绕过高版本fastjson打Spring马", "link": "https://xz.aliyun.com/t/16608", "published": "2024-12-07T16:46:56+08:00", "id": "https://xz.aliyun.com/t/16608", "summary": { "@type": "html", "#text": "分析探究Java原生链反序列化绕过高版本fastjson打Spring马" } }, { "title": "记一道CC6-TemplatesImpl链和Jackson原链打Spring内存马的利用", "link": "https://xz.aliyun.com/t/16601", "published": "2024-12-07T16:45:23+08:00", "id": "https://xz.aliyun.com/t/16601", "summary": { "@type": "html", "#text": "记一道CC6-TemplatesImpl链和Jackson原链打Spring内存马的利用" } }, { "title": "强网杯S8决赛RW赛道", "link": "https://xz.aliyun.com/t/16607", "published": "2024-12-07T16:39:52+08:00", "id": "https://xz.aliyun.com/t/16607", "summary": { "@type": "html", "#text": "强网杯S8决赛RW赛道" } }, { "title": "2024国城杯pwn详细全解", "link": "https://xz.aliyun.com/t/16606", "published": "2024-12-07T16:27:51+08:00", "id": "https://xz.aliyun.com/t/16606", "summary": { "@type": "html", "#text": "2024国城杯pwn详细全解" } }, { "title": "2024国城杯线上Crypto-WP", "link": "https://xz.aliyun.com/t/16605", "published": "2024-12-07T16:10:19+08:00", "id": "https://xz.aliyun.com/t/16605", "summary": { "@type": "html", "#text": "2024国城杯线上Crypto-WP" } }, { "title": "强网S8决赛JsonPcikle Safe模式下的RCE与绕过分析研究", "link": "https://xz.aliyun.com/t/16604", "published": "2024-12-07T16:07:00+08:00", "id": "https://xz.aliyun.com/t/16604", "summary": { "@type": "html", "#text": "强网S8决赛JsonPcikle Safe模式下的RCE与绕过分析研究" } }, { "title": "Pyramid 框架SSTI分析RCE", "link": "https://xz.aliyun.com/t/16600", "published": "2024-12-07T13:37:25+08:00", "id": "https://xz.aliyun.com/t/16600", "summary": { "@type": "html", "#text": "Pyramid 框架SSTI分析RCE" } }, { "title": "apk修改实践:绕过强制更新弹窗", "link": "https://xz.aliyun.com/t/16599", "published": "2024-12-07T11:02:35+08:00", "id": "https://xz.aliyun.com/t/16599", "summary": { "@type": "html", "#text": "apk修改实践:绕过强制更新弹窗" } }, { "title": "浅析异常线程检测逻辑(unbacked)", "link": "https://xz.aliyun.com/t/16598", "published": "2024-12-07T10:30:00+08:00", "id": "https://xz.aliyun.com/t/16598", "summary": { "@type": "html", "#text": "浅析异常线程检测逻辑(unbacked)" } }, { "title": "boofuzz 中的 Request 和 Path 源码分析", "link": "https://xz.aliyun.com/t/16594", "published": "2024-12-07T02:06:10+08:00", "id": "https://xz.aliyun.com/t/16594", "summary": { "@type": "html", "#text": "boofuzz 中的 Request 和 Path 源码分析" } }, { "title": "云函数实现代理绕过IP封锁", "link": "https://xz.aliyun.com/t/16589", "published": "2024-12-06T22:46:00+08:00", "id": "https://xz.aliyun.com/t/16589", "summary": { "@type": "html", "#text": "云函数实现代理绕过IP封锁" } }, { "title": "CVE-2024-4181 run-llama/llama_index-SSE Command Injection分析", "link": "https://xz.aliyun.com/t/16588", "published": "2024-12-06T22:34:00+08:00", "id": "https://xz.aliyun.com/t/16588", "summary": { "@type": "html", "#text": "CVE-2024-4181 run-llama/llama_index-SSE Command Injection分析" } }, { "title": "若依一把梭哈工具源码分析", "link": "https://xz.aliyun.com/t/16586", "published": "2024-12-06T22:31:35+08:00", "id": "https://xz.aliyun.com/t/16586", "summary": { "@type": "html", "#text": "若依一把梭哈工具源码分析" } }, { "title": "CVE-2024-3408 D-tale bypassRCE分析", "link": "https://xz.aliyun.com/t/16587", "published": "2024-12-06T22:31:00+08:00", "id": "https://xz.aliyun.com/t/16587", "summary": { "@type": "html", "#text": "CVE-2024-3408 D-tale bypassRCE分析" } }, { "title": "S8强网杯 ez_login详解", "link": "https://xz.aliyun.com/t/16582", "published": "2024-12-06T20:08:01+08:00", "id": "https://xz.aliyun.com/t/16582", "summary": { "@type": "html", "#text": "S8强网杯 ez_login详解" } }, { "title": "S8强网杯Final-thinkshopplus", "link": "https://xz.aliyun.com/t/16581", "published": "2024-12-06T19:01:00+08:00", "id": "https://xz.aliyun.com/t/16581", "summary": { "@type": "html", "#text": "S8强网杯Final-thinkshopplus" } }, { "title": "gRPC&Go: XCTF联赛DubheCTF2024 - ggbond 详细题解", "link": "https://xz.aliyun.com/t/16580", "published": "2024-12-06T17:51:46+08:00", "id": "https://xz.aliyun.com/t/16580", "summary": { "@type": "html", "#text": "gRPC&Go: XCTF联赛DubheCTF2024 - ggbond 详细题解" } }, { "title": "免杀基础-shellcode开发", "link": "https://xz.aliyun.com/t/16579", "published": "2024-12-06T15:19:56+08:00", "id": "https://xz.aliyun.com/t/16579", "summary": { "@type": "html", "#text": "免杀基础-shellcode开发" } }, { "title": "基于JavaSecLab 一款综合Java漏洞平台的学习思考(二)", "link": "https://xz.aliyun.com/t/16577", "published": "2024-12-06T14:10:30+08:00", "id": "https://xz.aliyun.com/t/16577", "summary": { "@type": "html", "#text": "基于JavaSecLab 一款综合Java漏洞平台的学习思考(二)" } }, { "title": "JFinal CMS 5.1.0 命令执行漏洞分析(CVE-2024-53477)", "link": "https://xz.aliyun.com/t/16575", "published": "2024-12-06T13:27:00+08:00", "id": "https://xz.aliyun.com/t/16575", "summary": { "@type": "html", "#text": "JFinal CMS 5.1.0 命令执行漏洞分析(CVE-2024-53477)" } }, { "title": "Sharp4Killdefender:通过修改注册表关闭Windows Defender", "link": "https://xz.aliyun.com/t/16574", "published": "2024-12-06T13:00:24+08:00", "id": "https://xz.aliyun.com/t/16574", "summary": { "@type": "html", "#text": "Sharp4Killdefender:通过修改注册表关闭Windows Defender" } }, { "title": "从一道java题体验 scxml漏洞", "link": "https://xz.aliyun.com/t/16572", "published": "2024-12-06T12:13:03+08:00", "id": "https://xz.aliyun.com/t/16572", "summary": { "@type": "html", "#text": "从一道java题体验 scxml漏洞" } }, { "title": "一次Telegram窃取程序的深入解析:从技术细节到定位攻击者账户的完整流程", "link": "https://xz.aliyun.com/t/16570", "published": "2024-12-06T12:01:42+08:00", "id": "https://xz.aliyun.com/t/16570", "summary": { "@type": "html", "#text": "一次Telegram窃取程序的深入解析:从技术细节到定位攻击者账户的完整流程" } }, { "title": "CVE-2018-1270 spring-messaging RCE 深入分析", "link": "https://xz.aliyun.com/t/16569", "published": "2024-12-06T11:44:58+08:00", "id": "https://xz.aliyun.com/t/16569", "summary": { "@type": "html", "#text": "CVE-2018-1270 spring-messaging RCE 深入分析" } }, { "title": "DTStack Taier 1.4.0 listNames sql注入分析(CVE-2024-41579)", "link": "https://xz.aliyun.com/t/16568", "published": "2024-12-06T11:08:37+08:00", "id": "https://xz.aliyun.com/t/16568", "summary": { "@type": "html", "#text": "DTStack Taier 1.4.0 listNames sql注入分析(CVE-2024-41579)" } }, { "title": "基于environ变量的堆题攻击栈空间", "link": "https://xz.aliyun.com/t/16566", "published": "2024-12-05T22:29:29+08:00", "id": "https://xz.aliyun.com/t/16566", "summary": { "@type": "html", "#text": "基于environ变量的堆题攻击栈空间" } }, { "title": "burpsuite数据包自动加解密插件,autoDecoder详细安装+使用", "link": "https://xz.aliyun.com/t/16564", "published": "2024-12-05T16:57:14+08:00", "id": "https://xz.aliyun.com/t/16564", "summary": { "@type": "html", "#text": "burpsuite数据包自动加解密插件,autoDecoder详细安装+使用" } }, { "title": "一次红队恶意程序分析溯源", "link": "https://xz.aliyun.com/t/16563", "published": "2024-12-05T15:39:11+08:00", "id": "https://xz.aliyun.com/t/16563", "summary": { "@type": "html", "#text": "一次红队恶意程序分析溯源" } }, { "title": "深入异构 PWN:PowerPC&ARM&MIPS", "link": "https://xz.aliyun.com/t/16562", "published": "2024-12-05T14:23:42+08:00", "id": "https://xz.aliyun.com/t/16562", "summary": { "@type": "html", "#text": "深入异构 PWN:PowerPC&ARM&MIPS" } }, { "title": "llvm pass 初探", "link": "https://xz.aliyun.com/t/16558", "published": "2024-12-05T12:04:00+08:00", "id": "https://xz.aliyun.com/t/16558", "summary": { "@type": "html", "#text": "llvm pass 初探" } }, { "title": "从源码的角度学习 boofuzz 函数的使用", "link": "https://xz.aliyun.com/t/16554", "published": "2024-12-05T01:05:47+08:00", "id": "https://xz.aliyun.com/t/16554", "summary": { "@type": "html", "#text": "从源码的角度学习 boofuzz 函数的使用" } }, { "title": "分享最近攻防演练HVV漏洞复盘", "link": "https://xz.aliyun.com/t/16553", "published": "2024-12-04T21:11:09+08:00", "id": "https://xz.aliyun.com/t/16553", "summary": { "@type": "html", "#text": "分享最近攻防演练HVV漏洞复盘" } }, { "title": "伪装成ToDesk安装程序加载后门盗取数字货币", "link": "https://xz.aliyun.com/t/16552", "published": "2024-12-04T20:00:59+08:00", "id": "https://xz.aliyun.com/t/16552", "summary": { "@type": "html", "#text": "伪装成ToDesk安装程序加载后门盗取数字货币" } }, { "title": "Android逆向实战——以某APP跳过广告为例", "link": "https://xz.aliyun.com/t/16550", "published": "2024-12-04T17:38:00+08:00", "id": "https://xz.aliyun.com/t/16550", "summary": { "@type": "html", "#text": "Android逆向实战——以某APP跳过广告为例" } }, { "title": "webpwn的一些总结", "link": "https://xz.aliyun.com/t/16549", "published": "2024-12-04T17:20:50+08:00", "id": "https://xz.aliyun.com/t/16549", "summary": { "@type": "html", "#text": "webpwn的一些总结" } }, { "title": "Fastjson反序列化漏洞深度解析与利用和修复", "link": "https://xz.aliyun.com/t/16547", "published": "2024-12-04T15:18:05+08:00", "id": "https://xz.aliyun.com/t/16547", "summary": { "@type": "html", "#text": "Fastjson反序列化漏洞深度解析与利用和修复" } }, { "title": "2024金盾信安杯线上题目wp", "link": "https://xz.aliyun.com/t/16546", "published": "2024-12-04T15:08:41+08:00", "id": "https://xz.aliyun.com/t/16546", "summary": { "@type": "html", "#text": "2024金盾信安杯线上题目wp" } }, { "title": "高版本Fastjson反序列化Xtring新链和EventListenerList绕过", "link": "https://xz.aliyun.com/t/16540", "published": "2024-12-04T13:59:43+08:00", "id": "https://xz.aliyun.com/t/16540", "summary": { "@type": "html", "#text": "高版本Fastjson反序列化Xtring新链和EventListenerList绕过" } }, { "title": "域渗透入门靶机之HTB-Cicada", "link": "https://xz.aliyun.com/t/16539", "published": "2024-12-04T13:10:46+08:00", "id": "https://xz.aliyun.com/t/16539", "summary": { "@type": "html", "#text": "域渗透入门靶机之HTB-Cicada" } }, { "title": "java加载动态链接库绕过一些限制的思考", "link": "https://xz.aliyun.com/t/16538", "published": "2024-12-04T11:12:08+08:00", "id": "https://xz.aliyun.com/t/16538", "summary": { "@type": "html", "#text": "java加载动态链接库绕过一些限制的思考" } }, { "title": "从零构建:我的漏洞扫描器之旅", "link": "https://xz.aliyun.com/t/16537", "published": "2024-12-04T10:38:46+08:00", "id": "https://xz.aliyun.com/t/16537", "summary": { "@type": "html", "#text": "从零构建:我的漏洞扫描器之旅" } }, { "title": "CS代码审计配合Jdbc反序列化漏洞的利用", "link": "https://xz.aliyun.com/t/16536", "published": "2024-12-03T23:58:20+08:00", "id": "https://xz.aliyun.com/t/16536", "summary": { "@type": "html", "#text": "CS代码审计配合Jdbc反序列化漏洞的利用" } } ]