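2022 HVV (护网) Diary: Day 2

Author: FancyPig | Published: | Updated:

Miscellany

Today's post again has three parts:

  • Malicious IP/domain intelligence
  • A roundup of vendor vulnerabilities
  • The fun stories you care about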

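Malicious IP/domain intelligence

1725 entries in total

Vendor vulnerabilities

Following a request we received, the vulnerability-related content has been hidden. For more, follow our WeChat official account.

The HVV you imagine vs. the real HVV

The HVV you imagine? Hackers popping reverse shells?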

Related post: "How do hackers remotely control a computer/server? Learn about reverse shells!" (FancyPig)

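HVV in reality

And of course there are the pictures shared by other enthusiastic netizens.

That is a joke, of course. On the blue team there is plenty to do besides blocking IPs. For example, tracing attacks back to their source, or writing tactics-and-techniques reports, both of which can earn extra points!

Who is Miss A1? And who are Miss Y5 and Miss V10?

Enthusiastic netizens dreamed up a "Miss A1"; Y5 and V10 were dreamed up the same way.

Netizens then went wild hyping Miss A1, and some even said she was from QiAnXin.

Then it got more entertaining: one keen netizen made a photo of Miss A1 and even generated a QR code.

Netizens exclaimed "internal network!", and the file extension had not even been changed.

Original post: https://x.threatbook.com/v5/article?threatInfoID=18104

For background on image trojans and image steganography, see these earlier posts: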

  • "Fun with image steganography: how do you find more secrets hidden in an image? There is a small bonus Easter egg at the end, come and look!" (FancyPig)
  • "Fun image steganography techniques: revealing more of the secrets behind images" (热心网友)
  • "A step-by-step look at how an image trojan is made" (世言)

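The blue team has sneaky tricks too?

Fofa previously launched its Fofahub product with limited registration, and I posted three invitation codes in the Cyberpig group.

Registration was capped at 1000 users and then closed. During HVV, an enthusiastic netizen then put together the project below:

https://github.com/fofahub/fofahubkey

It lures users into downloading a docx file to look for an activation code.

The docx file in the project uses canarytokens to capture the public IP address of whoever opens the file. (A trap set by the blue team for the red team?)
Callback address: http://canarytokens.com/terms/articles/ayz4tfaqbetnwn1pz1gmqspi3/post.jsp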
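
An added example, not from the original post or the project above: one way to list a docx file's remote references before opening it in Word, which is where a canarytokens-style beacon would show up. It assumes the beacon is an external relationship or an INCLUDEPICTURE/INCLUDETEXT field; `external_refs`, `build_sample` and the `token.example.invalid` URL are constructed for illustration.

```python
import html
import io
import re
import zipfile
import xml.etree.ElementTree as ET  # untrusted files: prefer defusedxml in production

REL = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
FIELD_URL = re.compile(r'INCLUDE(?:PICTURE|TEXT)\s+"?(https?://[^"\s<]+)', re.I)
MAX_PART = 5 * 1024 * 1024  # skip oversized parts (zip-bomb guard)

def external_refs(docx_bytes):
    """Return sorted (part, kind, url) for remote targets, read without opening Word."""
    found = set()
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        for info in z.infolist():
            if info.file_size > MAX_PART:
                continue
            data = z.read(info)
            if info.filename.endswith(".rels"):
                # TargetMode="External" means the target lives outside the package.
                for rel in ET.fromstring(data).iter(REL):
                    if rel.get("TargetMode") == "External":
                        kind = rel.get("Type", "").rsplit("/", 1)[-1]
                        found.add((info.filename, kind, rel.get("Target", "")))
            elif info.filename.endswith(".xml"):
                # Field codes (INCLUDEPICTURE/INCLUDETEXT) can also name a remote URL.
                text = html.unescape(data.decode("utf-8", "replace"))
                for url in FIELD_URL.findall(text):
                    found.add((info.filename, "field", url))
    return sorted(found)

def build_sample():
    """Constructed sample: minimal package whose footer references a remote image."""
    ns = "http://schemas.openxmlformats.org/package/2006/relationships"
    img = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/image"
    rels = (f'<Relationships xmlns="{ns}">'
            f'<Relationship Id="rId1" Type="{img}" TargetMode="External" '
            'Target="http://token.example.invalid/img.png"/>'
            f'<Relationship Id="rId2" Type="{img}" Target="media/logo.png"/>'
            '</Relationships>')
    footer = ('<w:ftr xmlns:w="urn:x"><w:instrText> INCLUDEPICTURE '
              '"http://token.example.invalid/img.png" \\d </w:instrText></w:ftr>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/_rels/footer1.xml.rels", rels)
        z.writestr("word/footer1.xml", footer)
    return buf.getvalue()

if __name__ == "__main__":
    for part, kind, url in external_refs(build_sample()):
        print(f"{part}: {kind} -> {url}")
```

The `kind` column matters when triaging: a `hyperlink` relationship is only followed on click, while an external `image` is fetched when the document renders.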

A suspected prank to smear K8

Project: https://github.com/gonghar/2022hvv_NC_0day_exp

File hash

daac90ef7a351ce5e17004308bb0c877decde1462fe17399c7c6587d16439a6f

Sample analysis report

https://s.threatbook.com/report/file/daac90ef7a351ce5e17004308bb0c877decde1462fe17399c7c6587d16439a6f

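As for why I call it a smear, take a look yourself and you'll see.

Is the pressure high during HVV?

Just look at what time I published today and you'll know how high the pressure is 😊

Tags: Weaver (泛微), Landray OA (蓝凌OA), Coremail mailbox, Venustech Tianyue network security audit system (启明星辰天玥网络安全审计系统), Weaver Office, Yonyou NC (用友NC), Weaver V9, XYLink (小鱼易连)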