1002 lines
35 KiB
JSON
1002 lines
35 KiB
JSON
[
|
||
{
|
||
"title": "『2024GeekCTF』stkbof-初识hexagon架构PWN",
|
||
"link": "https://xz.aliyun.com/t/16695",
|
||
"published": "2024-12-10T20:27:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16695",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "『2024GeekCTF』stkbof-初识hexagon架构PWN"
|
||
}
|
||
},
|
||
{
|
||
"title": "THM 靶场 — Overpass-writeup",
|
||
"link": "https://xz.aliyun.com/t/16694",
|
||
"published": "2024-12-10T20:07:42+08:00",
|
||
"id": "https://xz.aliyun.com/t/16694",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "THM 靶场 — Overpass-writeup"
|
||
}
|
||
},
|
||
{
|
||
"title": "春秋云境-无间计划 WP",
|
||
"link": "https://xz.aliyun.com/t/16693",
|
||
"published": "2024-12-10T17:31:04+08:00",
|
||
"id": "https://xz.aliyun.com/t/16693",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "春秋云境-无间计划 WP"
|
||
}
|
||
},
|
||
{
|
||
"title": "S8强网杯 IRE-sbgwd打通VPN隧道进行内网渗透利用命令注入",
|
||
"link": "https://xz.aliyun.com/t/16691",
|
||
"published": "2024-12-10T16:39:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16691",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "S8强网杯 IRE-sbgwd打通VPN隧道进行内网渗透利用命令注入"
|
||
}
|
||
},
|
||
{
|
||
"title": "Sharp4Byass2SYSTEM:一款通过令牌复制将进程提升至SYSTEM权限的工具",
|
||
"link": "https://xz.aliyun.com/t/16690",
|
||
"published": "2024-12-10T16:19:13+08:00",
|
||
"id": "https://xz.aliyun.com/t/16690",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "Sharp4Byass2SYSTEM:一款通过令牌复制将进程提升至SYSTEM权限的工具"
|
||
}
|
||
},
|
||
{
|
||
"title": "高危逻辑漏洞-Web3+Web2前端结合的ABI任意调用实现链上交易免gas",
|
||
"link": "https://xz.aliyun.com/t/16689",
|
||
"published": "2024-12-10T15:30:56+08:00",
|
||
"id": "https://xz.aliyun.com/t/16689",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "高危逻辑漏洞-Web3+Web2前端结合的ABI任意调用实现链上交易免gas"
|
||
}
|
||
},
|
||
{
|
||
"title": "关于CTF-RSA题目类型解题思路",
|
||
"link": "https://xz.aliyun.com/t/16688",
|
||
"published": "2024-12-10T15:17:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16688",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "关于CTF-RSA题目类型解题思路"
|
||
}
|
||
},
|
||
{
|
||
"title": "某系统渗透测试",
|
||
"link": "https://xz.aliyun.com/t/16687",
|
||
"published": "2024-12-10T15:15:45+08:00",
|
||
"id": "https://xz.aliyun.com/t/16687",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "某系统渗透测试"
|
||
}
|
||
},
|
||
{
|
||
"title": "HITCTF2024 wget wp",
|
||
"link": "https://xz.aliyun.com/t/16686",
|
||
"published": "2024-12-10T14:47:51+08:00",
|
||
"id": "https://xz.aliyun.com/t/16686",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "HITCTF2024 wget wp"
|
||
}
|
||
},
|
||
{
|
||
"title": "S8强网杯 RealWorld部分 IRE详解",
|
||
"link": "https://xz.aliyun.com/t/16684",
|
||
"published": "2024-12-10T14:37:16+08:00",
|
||
"id": "https://xz.aliyun.com/t/16684",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "S8强网杯 RealWorld部分 IRE详解"
|
||
}
|
||
},
|
||
{
|
||
"title": "ez_Gallery预期解之内存马挖掘",
|
||
"link": "https://xz.aliyun.com/t/16683",
|
||
"published": "2024-12-10T13:40:06+08:00",
|
||
"id": "https://xz.aliyun.com/t/16683",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "ez_Gallery预期解之内存马挖掘"
|
||
}
|
||
},
|
||
{
|
||
"title": "从302跳转打到fastcgi",
|
||
"link": "https://xz.aliyun.com/t/16681",
|
||
"published": "2024-12-10T12:23:34+08:00",
|
||
"id": "https://xz.aliyun.com/t/16681",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "从302跳转打到fastcgi"
|
||
}
|
||
},
|
||
{
|
||
"title": "fastjson之parse和parseobject利用差异",
|
||
"link": "https://xz.aliyun.com/t/16680",
|
||
"published": "2024-12-10T12:20:07+08:00",
|
||
"id": "https://xz.aliyun.com/t/16680",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "fastjson之parse和parseobject利用差异"
|
||
}
|
||
},
|
||
{
|
||
"title": "2023巅峰极客-BabyURL复现分析",
|
||
"link": "https://xz.aliyun.com/t/16678",
|
||
"published": "2024-12-10T11:20:31+08:00",
|
||
"id": "https://xz.aliyun.com/t/16678",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "2023巅峰极客-BabyURL复现分析"
|
||
}
|
||
},
|
||
{
|
||
"title": "[强网拟态2024 final] Jemalloc heap: Every Fold Reveals A Side详解",
|
||
"link": "https://xz.aliyun.com/t/16676",
|
||
"published": "2024-12-10T09:20:38+08:00",
|
||
"id": "https://xz.aliyun.com/t/16676",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "[强网拟态2024 final] Jemalloc heap: Every Fold Reveals A Side详解"
|
||
}
|
||
},
|
||
{
|
||
"title": "深入探索:利用 io_uring 实现高效的 Shellcode 攻击",
|
||
"link": "https://xz.aliyun.com/t/16675",
|
||
"published": "2024-12-10T00:33:03+08:00",
|
||
"id": "https://xz.aliyun.com/t/16675",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "深入探索:利用 io_uring 实现高效的 Shellcode 攻击"
|
||
}
|
||
},
|
||
{
|
||
"title": "House Of Corrosion与House Of Husk的交叉利用",
|
||
"link": "https://xz.aliyun.com/t/16674",
|
||
"published": "2024-12-10T00:32:04+08:00",
|
||
"id": "https://xz.aliyun.com/t/16674",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "House Of Corrosion与House Of Husk的交叉利用"
|
||
}
|
||
},
|
||
{
|
||
"title": "实战自动化加解密&加密场景下的暴力破解",
|
||
"link": "https://xz.aliyun.com/t/16673",
|
||
"published": "2024-12-10T00:20:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16673",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "实战自动化加解密&加密场景下的暴力破解"
|
||
}
|
||
},
|
||
{
|
||
"title": "Ptmalloc2源代码分析(Glibc内存管理)",
|
||
"link": "https://xz.aliyun.com/t/16672",
|
||
"published": "2024-12-09T23:29:29+08:00",
|
||
"id": "https://xz.aliyun.com/t/16672",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "Ptmalloc2源代码分析(Glibc内存管理)"
|
||
}
|
||
},
|
||
{
|
||
"title": "总结在 CTF-PWN 中遇到的 shellcode 利用",
|
||
"link": "https://xz.aliyun.com/t/16670",
|
||
"published": "2024-12-09T23:18:01+08:00",
|
||
"id": "https://xz.aliyun.com/t/16670",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "总结在 CTF-PWN 中遇到的 shellcode 利用"
|
||
}
|
||
},
|
||
{
|
||
"title": "基于armv7l架构的进程注入研究——使用ptrace注入shellcode",
|
||
"link": "https://xz.aliyun.com/t/16668",
|
||
"published": "2024-12-09T22:42:19+08:00",
|
||
"id": "https://xz.aliyun.com/t/16668",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "基于armv7l架构的进程注入研究——使用ptrace注入shellcode"
|
||
}
|
||
},
|
||
{
|
||
"title": "Apache Common Jelly浅析",
|
||
"link": "https://xz.aliyun.com/t/16667",
|
||
"published": "2024-12-09T22:13:02+08:00",
|
||
"id": "https://xz.aliyun.com/t/16667",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "Apache Common Jelly浅析"
|
||
}
|
||
},
|
||
{
|
||
"title": "PolarD&N--2024冬季个人挑战赛--Crypto-WP",
|
||
"link": "https://xz.aliyun.com/t/16666",
|
||
"published": "2024-12-09T22:00:48+08:00",
|
||
"id": "https://xz.aliyun.com/t/16666",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "PolarD&N--2024冬季个人挑战赛--Crypto-WP"
|
||
}
|
||
},
|
||
{
|
||
"title": "Web安全--业务逻辑漏洞篇",
|
||
"link": "https://xz.aliyun.com/t/16665",
|
||
"published": "2024-12-09T21:57:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16665",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "Web安全--业务逻辑漏洞篇"
|
||
}
|
||
},
|
||
{
|
||
"title": "2024 polarctf 冬季个人挑战赛 web wp",
|
||
"link": "https://xz.aliyun.com/t/16664",
|
||
"published": "2024-12-09T21:40:37+08:00",
|
||
"id": "https://xz.aliyun.com/t/16664",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "2024 polarctf 冬季个人挑战赛 web wp"
|
||
}
|
||
},
|
||
{
|
||
"title": "JsonPickle调试分析原理及WAF绕过",
|
||
"link": "https://xz.aliyun.com/t/16661",
|
||
"published": "2024-12-09T21:01:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16661",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "JsonPickle调试分析原理及WAF绕过"
|
||
}
|
||
},
|
||
{
|
||
"title": "求被异或算法加密文件的KEY的骚操作",
|
||
"link": "https://xz.aliyun.com/t/16659",
|
||
"published": "2024-12-09T17:19:38+08:00",
|
||
"id": "https://xz.aliyun.com/t/16659",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "求被异或算法加密文件的KEY的骚操作"
|
||
}
|
||
},
|
||
{
|
||
"title": "从国城杯Ez_Gallery实现寻找WSGIRef内存马和Response响应头外带以及栈帧回显的尝试",
|
||
"link": "https://xz.aliyun.com/t/16657",
|
||
"published": "2024-12-09T15:55:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16657",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "从国城杯Ez_Gallery实现寻找WSGIRef内存马和Response响应头外带以及栈帧回显的尝试"
|
||
}
|
||
},
|
||
{
|
||
"title": "kernel从小白到大神(六)-USMA",
|
||
"link": "https://xz.aliyun.com/t/16656",
|
||
"published": "2024-12-09T15:53:42+08:00",
|
||
"id": "https://xz.aliyun.com/t/16656",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "kernel从小白到大神(六)-USMA"
|
||
}
|
||
},
|
||
{
|
||
"title": "一道题了解虚拟机本身的机制实现的shellcode",
|
||
"link": "https://xz.aliyun.com/t/16655",
|
||
"published": "2024-12-09T15:36:44+08:00",
|
||
"id": "https://xz.aliyun.com/t/16655",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "一道题了解虚拟机本身的机制实现的shellcode"
|
||
}
|
||
},
|
||
{
|
||
"title": "protobuf脱壳二进制漏洞总结",
|
||
"link": "https://xz.aliyun.com/t/16654",
|
||
"published": "2024-12-09T14:47:44+08:00",
|
||
"id": "https://xz.aliyun.com/t/16654",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "protobuf脱壳二进制漏洞总结"
|
||
}
|
||
},
|
||
{
|
||
"title": "分享一次 C++ PWN 出题经历——深入研究异常处理机制",
|
||
"link": "https://xz.aliyun.com/t/16652",
|
||
"published": "2024-12-09T14:40:53+08:00",
|
||
"id": "https://xz.aliyun.com/t/16652",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "分享一次 C++ PWN 出题经历——深入研究异常处理机制"
|
||
}
|
||
},
|
||
{
|
||
"title": "实现xxl-job-executor 1.9.2阉割版Jetty服务的Handler内存马",
|
||
"link": "https://xz.aliyun.com/t/16651",
|
||
"published": "2024-12-09T13:49:53+08:00",
|
||
"id": "https://xz.aliyun.com/t/16651",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "实现xxl-job-executor 1.9.2阉割版Jetty服务的Handler内存马"
|
||
}
|
||
},
|
||
{
|
||
"title": "域渗透入门靶机之HTB-Administrator",
|
||
"link": "https://xz.aliyun.com/t/16650",
|
||
"published": "2024-12-09T13:35:23+08:00",
|
||
"id": "https://xz.aliyun.com/t/16650",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "域渗透入门靶机之HTB-Administrator"
|
||
}
|
||
},
|
||
{
|
||
"title": "对pyramid框架无回显的学习---以一道ctf题目为例",
|
||
"link": "https://xz.aliyun.com/t/16653",
|
||
"published": "2024-12-09T12:10:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16653",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "对pyramid框架无回显的学习---以一道ctf题目为例"
|
||
}
|
||
},
|
||
{
|
||
"title": "ATT&CK红队评估实战靶场二",
|
||
"link": "https://xz.aliyun.com/t/16648",
|
||
"published": "2024-12-09T12:04:52+08:00",
|
||
"id": "https://xz.aliyun.com/t/16648",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "ATT&CK红队评估实战靶场二"
|
||
}
|
||
},
|
||
{
|
||
"title": "[强网杯2024 Final] PWN1-heap 详解 (AES+2.31 unlink)",
|
||
"link": "https://xz.aliyun.com/t/16647",
|
||
"published": "2024-12-09T11:01:22+08:00",
|
||
"id": "https://xz.aliyun.com/t/16647",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "[强网杯2024 Final] PWN1-heap 详解 (AES+2.31 unlink)"
|
||
}
|
||
},
|
||
{
|
||
"title": "某某新闻逆向分析",
|
||
"link": "https://xz.aliyun.com/t/16646",
|
||
"published": "2024-12-09T10:38:07+08:00",
|
||
"id": "https://xz.aliyun.com/t/16646",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "某某新闻逆向分析"
|
||
}
|
||
},
|
||
{
|
||
"title": "免杀基础-线程劫持",
|
||
"link": "https://xz.aliyun.com/t/16645",
|
||
"published": "2024-12-09T09:50:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16645",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "免杀基础-线程劫持"
|
||
}
|
||
},
|
||
{
|
||
"title": "2024 强网杯决赛PWN部分解",
|
||
"link": "https://xz.aliyun.com/t/16642",
|
||
"published": "2024-12-08T23:39:16+08:00",
|
||
"id": "https://xz.aliyun.com/t/16642",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "2024 强网杯决赛PWN部分解"
|
||
}
|
||
},
|
||
{
|
||
"title": "Windows hook框架Detours踩坑",
|
||
"link": "https://xz.aliyun.com/t/16641",
|
||
"published": "2024-12-08T22:48:32+08:00",
|
||
"id": "https://xz.aliyun.com/t/16641",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "Windows hook框架Detours踩坑"
|
||
}
|
||
},
|
||
{
|
||
"title": "2024“国城杯”网络安全挑战大赛web方向部分wp",
|
||
"link": "https://xz.aliyun.com/t/16640",
|
||
"published": "2024-12-08T22:06:01+08:00",
|
||
"id": "https://xz.aliyun.com/t/16640",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "2024“国城杯”网络安全挑战大赛web方向部分wp"
|
||
}
|
||
},
|
||
{
|
||
"title": "Apache Commons Jelly漏洞分析",
|
||
"link": "https://xz.aliyun.com/t/16637",
|
||
"published": "2024-12-08T21:00:20+08:00",
|
||
"id": "https://xz.aliyun.com/t/16637",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "Apache Commons Jelly漏洞分析"
|
||
}
|
||
},
|
||
{
|
||
"title": "polar2024冬季个人挑战赛 re部分题解",
|
||
"link": "https://xz.aliyun.com/t/16636",
|
||
"published": "2024-12-08T20:47:19+08:00",
|
||
"id": "https://xz.aliyun.com/t/16636",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "polar2024冬季个人挑战赛 re部分题解"
|
||
}
|
||
},
|
||
{
|
||
"title": "从2024年网鼎杯半决赛入门IOT————IOT网络协议分析babyRTP",
|
||
"link": "https://xz.aliyun.com/t/16635",
|
||
"published": "2024-12-08T20:35:18+08:00",
|
||
"id": "https://xz.aliyun.com/t/16635",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "从2024年网鼎杯半决赛入门IOT————IOT网络协议分析babyRTP"
|
||
}
|
||
},
|
||
{
|
||
"title": "入门级badusb框架的实现",
|
||
"link": "https://xz.aliyun.com/t/16633",
|
||
"published": "2024-12-08T17:11:38+08:00",
|
||
"id": "https://xz.aliyun.com/t/16633",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "入门级badusb框架的实现"
|
||
}
|
||
},
|
||
{
|
||
"title": "内存马生成工具JMG的哥斯拉插件:jmgg",
|
||
"link": "https://xz.aliyun.com/t/16632",
|
||
"published": "2024-12-08T16:49:18+08:00",
|
||
"id": "https://xz.aliyun.com/t/16632",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "内存马生成工具JMG的哥斯拉插件:jmgg"
|
||
}
|
||
},
|
||
{
|
||
"title": "pyramid 框架无回显挖掘",
|
||
"link": "https://xz.aliyun.com/t/16631",
|
||
"published": "2024-12-08T16:04:25+08:00",
|
||
"id": "https://xz.aliyun.com/t/16631",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "pyramid 框架无回显挖掘"
|
||
}
|
||
},
|
||
{
|
||
"title": "代码审计 - MCMS v5.4.1 0day挖掘",
|
||
"link": "https://xz.aliyun.com/t/16630",
|
||
"published": "2024-12-08T15:33:10+08:00",
|
||
"id": "https://xz.aliyun.com/t/16630",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "代码审计 - MCMS v5.4.1 0day挖掘"
|
||
}
|
||
},
|
||
{
|
||
"title": "从HECTF ezjava 入手 Vaadin 调用链挖掘",
|
||
"link": "https://xz.aliyun.com/t/16627",
|
||
"published": "2024-12-08T13:06:14+08:00",
|
||
"id": "https://xz.aliyun.com/t/16627",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "从HECTF ezjava 入手 Vaadin 调用链挖掘"
|
||
}
|
||
},
|
||
{
|
||
"title": "x86汇编与编写shellcode",
|
||
"link": "https://xz.aliyun.com/t/16626",
|
||
"published": "2024-12-08T11:49:46+08:00",
|
||
"id": "https://xz.aliyun.com/t/16626",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "x86汇编与编写shellcode"
|
||
}
|
||
},
|
||
{
|
||
"title": "PolarCTF-2024冬季赛 (WEB)",
|
||
"link": "https://xz.aliyun.com/t/16624",
|
||
"published": "2024-12-08T10:49:52+08:00",
|
||
"id": "https://xz.aliyun.com/t/16624",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "PolarCTF-2024冬季赛 (WEB)"
|
||
}
|
||
},
|
||
{
|
||
"title": "PE 文件结构剖析:手工压缩与注入实战",
|
||
"link": "https://xz.aliyun.com/t/16622",
|
||
"published": "2024-12-08T02:05:35+08:00",
|
||
"id": "https://xz.aliyun.com/t/16622",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "PE 文件结构剖析:手工压缩与注入实战"
|
||
}
|
||
},
|
||
{
|
||
"title": "qwb-final-dataease代码审计",
|
||
"link": "https://xz.aliyun.com/t/16620",
|
||
"published": "2024-12-07T22:56:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16620",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "qwb-final-dataease代码审计"
|
||
}
|
||
},
|
||
{
|
||
"title": "2024 国城杯 WriteUp",
|
||
"link": "https://xz.aliyun.com/t/16615",
|
||
"published": "2024-12-07T19:16:17+08:00",
|
||
"id": "https://xz.aliyun.com/t/16615",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "2024 国城杯 WriteUp"
|
||
}
|
||
},
|
||
{
|
||
"title": "2024 国城杯取证 Just_F0r3n51Cs",
|
||
"link": "https://xz.aliyun.com/t/16612",
|
||
"published": "2024-12-07T17:25:45+08:00",
|
||
"id": "https://xz.aliyun.com/t/16612",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "2024 国城杯取证 Just_F0r3n51Cs"
|
||
}
|
||
},
|
||
{
|
||
"title": "如何HOST碰撞挖掘隐蔽资产",
|
||
"link": "https://xz.aliyun.com/t/16611",
|
||
"published": "2024-12-07T17:10:22+08:00",
|
||
"id": "https://xz.aliyun.com/t/16611",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "如何HOST碰撞挖掘隐蔽资产"
|
||
}
|
||
},
|
||
{
|
||
"title": "2024国城杯初赛 re部分wp",
|
||
"link": "https://xz.aliyun.com/t/16610",
|
||
"published": "2024-12-07T17:10:19+08:00",
|
||
"id": "https://xz.aliyun.com/t/16610",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "2024国城杯初赛 re部分wp"
|
||
}
|
||
},
|
||
{
|
||
"title": "分析探究Java原生链反序列化绕过高版本fastjson打Spring马",
|
||
"link": "https://xz.aliyun.com/t/16608",
|
||
"published": "2024-12-07T16:46:56+08:00",
|
||
"id": "https://xz.aliyun.com/t/16608",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "分析探究Java原生链反序列化绕过高版本fastjson打Spring马"
|
||
}
|
||
},
|
||
{
|
||
"title": "记一道CC6-TemplatesImpl链和Jackson原链打Spring内存马的利用",
|
||
"link": "https://xz.aliyun.com/t/16601",
|
||
"published": "2024-12-07T16:45:23+08:00",
|
||
"id": "https://xz.aliyun.com/t/16601",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "记一道CC6-TemplatesImpl链和Jackson原链打Spring内存马的利用"
|
||
}
|
||
},
|
||
{
|
||
"title": "强网杯S8决赛RW赛道",
|
||
"link": "https://xz.aliyun.com/t/16607",
|
||
"published": "2024-12-07T16:39:52+08:00",
|
||
"id": "https://xz.aliyun.com/t/16607",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "强网杯S8决赛RW赛道"
|
||
}
|
||
},
|
||
{
|
||
"title": "2024国城杯pwn详细全解",
|
||
"link": "https://xz.aliyun.com/t/16606",
|
||
"published": "2024-12-07T16:27:51+08:00",
|
||
"id": "https://xz.aliyun.com/t/16606",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "2024国城杯pwn详细全解"
|
||
}
|
||
},
|
||
{
|
||
"title": "2024国城杯线上Crypto-WP",
|
||
"link": "https://xz.aliyun.com/t/16605",
|
||
"published": "2024-12-07T16:10:19+08:00",
|
||
"id": "https://xz.aliyun.com/t/16605",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "2024国城杯线上Crypto-WP"
|
||
}
|
||
},
|
||
{
|
||
"title": "强网S8决赛JsonPcikle Safe模式下的RCE与绕过分析研究",
|
||
"link": "https://xz.aliyun.com/t/16604",
|
||
"published": "2024-12-07T16:07:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16604",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "强网S8决赛JsonPcikle Safe模式下的RCE与绕过分析研究"
|
||
}
|
||
},
|
||
{
|
||
"title": "Pyramid 框架SSTI分析RCE",
|
||
"link": "https://xz.aliyun.com/t/16600",
|
||
"published": "2024-12-07T13:37:25+08:00",
|
||
"id": "https://xz.aliyun.com/t/16600",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "Pyramid 框架SSTI分析RCE"
|
||
}
|
||
},
|
||
{
|
||
"title": "apk修改实践:绕过强制更新弹窗",
|
||
"link": "https://xz.aliyun.com/t/16599",
|
||
"published": "2024-12-07T11:02:35+08:00",
|
||
"id": "https://xz.aliyun.com/t/16599",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "apk修改实践:绕过强制更新弹窗"
|
||
}
|
||
},
|
||
{
|
||
"title": "浅析异常线程检测逻辑(unbacked)",
|
||
"link": "https://xz.aliyun.com/t/16598",
|
||
"published": "2024-12-07T10:30:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16598",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "浅析异常线程检测逻辑(unbacked)"
|
||
}
|
||
},
|
||
{
|
||
"title": "boofuzz 中的 Request 和 Path 源码分析",
|
||
"link": "https://xz.aliyun.com/t/16594",
|
||
"published": "2024-12-07T02:06:10+08:00",
|
||
"id": "https://xz.aliyun.com/t/16594",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "boofuzz 中的 Request 和 Path 源码分析"
|
||
}
|
||
},
|
||
{
|
||
"title": "云函数实现代理绕过IP封锁",
|
||
"link": "https://xz.aliyun.com/t/16589",
|
||
"published": "2024-12-06T22:46:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16589",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "云函数实现代理绕过IP封锁"
|
||
}
|
||
},
|
||
{
|
||
"title": "CVE-2024-4181 run-llama/llama_index-SSE Command Injection分析",
|
||
"link": "https://xz.aliyun.com/t/16588",
|
||
"published": "2024-12-06T22:34:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16588",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "CVE-2024-4181 run-llama/llama_index-SSE Command Injection分析"
|
||
}
|
||
},
|
||
{
|
||
"title": "若依一把梭哈工具源码分析",
|
||
"link": "https://xz.aliyun.com/t/16586",
|
||
"published": "2024-12-06T22:31:35+08:00",
|
||
"id": "https://xz.aliyun.com/t/16586",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "若依一把梭哈工具源码分析"
|
||
}
|
||
},
|
||
{
|
||
"title": "CVE-2024-3408 D-tale bypassRCE分析",
|
||
"link": "https://xz.aliyun.com/t/16587",
|
||
"published": "2024-12-06T22:31:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16587",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "CVE-2024-3408 D-tale bypassRCE分析"
|
||
}
|
||
},
|
||
{
|
||
"title": "S8强网杯 ez_login详解",
|
||
"link": "https://xz.aliyun.com/t/16582",
|
||
"published": "2024-12-06T20:08:01+08:00",
|
||
"id": "https://xz.aliyun.com/t/16582",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "S8强网杯 ez_login详解"
|
||
}
|
||
},
|
||
{
|
||
"title": "S8强网杯Final-thinkshopplus",
|
||
"link": "https://xz.aliyun.com/t/16581",
|
||
"published": "2024-12-06T19:01:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16581",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "S8强网杯Final-thinkshopplus"
|
||
}
|
||
},
|
||
{
|
||
"title": "gRPC&Go: XCTF联赛DubheCTF2024 - ggbond 详细题解",
|
||
"link": "https://xz.aliyun.com/t/16580",
|
||
"published": "2024-12-06T17:51:46+08:00",
|
||
"id": "https://xz.aliyun.com/t/16580",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "gRPC&Go: XCTF联赛DubheCTF2024 - ggbond 详细题解"
|
||
}
|
||
},
|
||
{
|
||
"title": "免杀基础-shellcode开发",
|
||
"link": "https://xz.aliyun.com/t/16579",
|
||
"published": "2024-12-06T15:19:56+08:00",
|
||
"id": "https://xz.aliyun.com/t/16579",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "免杀基础-shellcode开发"
|
||
}
|
||
},
|
||
{
|
||
"title": "基于JavaSecLab 一款综合Java漏洞平台的学习思考(二)",
|
||
"link": "https://xz.aliyun.com/t/16577",
|
||
"published": "2024-12-06T14:10:30+08:00",
|
||
"id": "https://xz.aliyun.com/t/16577",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "基于JavaSecLab 一款综合Java漏洞平台的学习思考(二)"
|
||
}
|
||
},
|
||
{
|
||
"title": "JFinal CMS 5.1.0 命令执行漏洞分析(CVE-2024-53477)",
|
||
"link": "https://xz.aliyun.com/t/16575",
|
||
"published": "2024-12-06T13:27:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16575",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "JFinal CMS 5.1.0 命令执行漏洞分析(CVE-2024-53477)"
|
||
}
|
||
},
|
||
{
|
||
"title": "Sharp4Killdefender:通过修改注册表关闭Windows Defender",
|
||
"link": "https://xz.aliyun.com/t/16574",
|
||
"published": "2024-12-06T13:00:24+08:00",
|
||
"id": "https://xz.aliyun.com/t/16574",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "Sharp4Killdefender:通过修改注册表关闭Windows Defender"
|
||
}
|
||
},
|
||
{
|
||
"title": "从一道java题体验 scxml漏洞",
|
||
"link": "https://xz.aliyun.com/t/16572",
|
||
"published": "2024-12-06T12:13:03+08:00",
|
||
"id": "https://xz.aliyun.com/t/16572",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "从一道java题体验 scxml漏洞"
|
||
}
|
||
},
|
||
{
|
||
"title": "一次Telegram窃取程序的深入解析:从技术细节到定位攻击者账户的完整流程",
|
||
"link": "https://xz.aliyun.com/t/16570",
|
||
"published": "2024-12-06T12:01:42+08:00",
|
||
"id": "https://xz.aliyun.com/t/16570",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "一次Telegram窃取程序的深入解析:从技术细节到定位攻击者账户的完整流程"
|
||
}
|
||
},
|
||
{
|
||
"title": "CVE-2018-1270 spring-messaging RCE 深入分析",
|
||
"link": "https://xz.aliyun.com/t/16569",
|
||
"published": "2024-12-06T11:44:58+08:00",
|
||
"id": "https://xz.aliyun.com/t/16569",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "CVE-2018-1270 spring-messaging RCE 深入分析"
|
||
}
|
||
},
|
||
{
|
||
"title": "DTStack Taier 1.4.0 listNames sql注入分析(CVE-2024-41579)",
|
||
"link": "https://xz.aliyun.com/t/16568",
|
||
"published": "2024-12-06T11:08:37+08:00",
|
||
"id": "https://xz.aliyun.com/t/16568",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "DTStack Taier 1.4.0 listNames sql注入分析(CVE-2024-41579)"
|
||
}
|
||
},
|
||
{
|
||
"title": "基于environ变量的堆题攻击栈空间",
|
||
"link": "https://xz.aliyun.com/t/16566",
|
||
"published": "2024-12-05T22:29:29+08:00",
|
||
"id": "https://xz.aliyun.com/t/16566",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "基于environ变量的堆题攻击栈空间"
|
||
}
|
||
},
|
||
{
|
||
"title": "burpsuite数据包自动加解密插件,autoDecoder详细安装+使用",
|
||
"link": "https://xz.aliyun.com/t/16564",
|
||
"published": "2024-12-05T16:57:14+08:00",
|
||
"id": "https://xz.aliyun.com/t/16564",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "burpsuite数据包自动加解密插件,autoDecoder详细安装+使用"
|
||
}
|
||
},
|
||
{
|
||
"title": "一次红队恶意程序分析溯源",
|
||
"link": "https://xz.aliyun.com/t/16563",
|
||
"published": "2024-12-05T15:39:11+08:00",
|
||
"id": "https://xz.aliyun.com/t/16563",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "一次红队恶意程序分析溯源"
|
||
}
|
||
},
|
||
{
|
||
"title": "深入异构 PWN:PowerPC&ARM&MIPS",
|
||
"link": "https://xz.aliyun.com/t/16562",
|
||
"published": "2024-12-05T14:23:42+08:00",
|
||
"id": "https://xz.aliyun.com/t/16562",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "深入异构 PWN:PowerPC&ARM&MIPS"
|
||
}
|
||
},
|
||
{
|
||
"title": "llvm pass 初探",
|
||
"link": "https://xz.aliyun.com/t/16558",
|
||
"published": "2024-12-05T12:04:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16558",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "llvm pass 初探"
|
||
}
|
||
},
|
||
{
|
||
"title": "从源码的角度学习 boofuzz 函数的使用",
|
||
"link": "https://xz.aliyun.com/t/16554",
|
||
"published": "2024-12-05T01:05:47+08:00",
|
||
"id": "https://xz.aliyun.com/t/16554",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "从源码的角度学习 boofuzz 函数的使用"
|
||
}
|
||
},
|
||
{
|
||
"title": "分享最近攻防演练HVV漏洞复盘",
|
||
"link": "https://xz.aliyun.com/t/16553",
|
||
"published": "2024-12-04T21:11:09+08:00",
|
||
"id": "https://xz.aliyun.com/t/16553",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "分享最近攻防演练HVV漏洞复盘"
|
||
}
|
||
},
|
||
{
|
||
"title": "伪装成ToDesk安装程序加载后门盗取数字货币",
|
||
"link": "https://xz.aliyun.com/t/16552",
|
||
"published": "2024-12-04T20:00:59+08:00",
|
||
"id": "https://xz.aliyun.com/t/16552",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "伪装成ToDesk安装程序加载后门盗取数字货币"
|
||
}
|
||
},
|
||
{
|
||
"title": "Android逆向实战——以某APP跳过广告为例",
|
||
"link": "https://xz.aliyun.com/t/16550",
|
||
"published": "2024-12-04T17:38:00+08:00",
|
||
"id": "https://xz.aliyun.com/t/16550",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "Android逆向实战——以某APP跳过广告为例"
|
||
}
|
||
},
|
||
{
|
||
"title": "webpwn的一些总结",
|
||
"link": "https://xz.aliyun.com/t/16549",
|
||
"published": "2024-12-04T17:20:50+08:00",
|
||
"id": "https://xz.aliyun.com/t/16549",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "webpwn的一些总结"
|
||
}
|
||
},
|
||
{
|
||
"title": "Fastjson反序列化漏洞深度解析与利用和修复",
|
||
"link": "https://xz.aliyun.com/t/16547",
|
||
"published": "2024-12-04T15:18:05+08:00",
|
||
"id": "https://xz.aliyun.com/t/16547",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "Fastjson反序列化漏洞深度解析与利用和修复"
|
||
}
|
||
},
|
||
{
|
||
"title": "2024金盾信安杯线上题目wp",
|
||
"link": "https://xz.aliyun.com/t/16546",
|
||
"published": "2024-12-04T15:08:41+08:00",
|
||
"id": "https://xz.aliyun.com/t/16546",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "2024金盾信安杯线上题目wp"
|
||
}
|
||
},
|
||
{
|
||
"title": "高版本Fastjson反序列化Xtring新链和EventListenerList绕过",
|
||
"link": "https://xz.aliyun.com/t/16540",
|
||
"published": "2024-12-04T13:59:43+08:00",
|
||
"id": "https://xz.aliyun.com/t/16540",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "高版本Fastjson反序列化Xtring新链和EventListenerList绕过"
|
||
}
|
||
},
|
||
{
|
||
"title": "域渗透入门靶机之HTB-Cicada",
|
||
"link": "https://xz.aliyun.com/t/16539",
|
||
"published": "2024-12-04T13:10:46+08:00",
|
||
"id": "https://xz.aliyun.com/t/16539",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "域渗透入门靶机之HTB-Cicada"
|
||
}
|
||
},
|
||
{
|
||
"title": "java加载动态链接库绕过一些限制的思考",
|
||
"link": "https://xz.aliyun.com/t/16538",
|
||
"published": "2024-12-04T11:12:08+08:00",
|
||
"id": "https://xz.aliyun.com/t/16538",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "java加载动态链接库绕过一些限制的思考"
|
||
}
|
||
},
|
||
{
|
||
"title": "从零构建:我的漏洞扫描器之旅",
|
||
"link": "https://xz.aliyun.com/t/16537",
|
||
"published": "2024-12-04T10:38:46+08:00",
|
||
"id": "https://xz.aliyun.com/t/16537",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "从零构建:我的漏洞扫描器之旅"
|
||
}
|
||
},
|
||
{
|
||
"title": "CS代码审计配合Jdbc反序列化漏洞的利用",
|
||
"link": "https://xz.aliyun.com/t/16536",
|
||
"published": "2024-12-03T23:58:20+08:00",
|
||
"id": "https://xz.aliyun.com/t/16536",
|
||
"summary": {
|
||
"@type": "html",
|
||
"#text": "CS代码审计配合Jdbc反序列化漏洞的利用"
|
||
}
|
||
}
|
||
] |