0x00 前言 在上篇研究了ClickOnce的渗透技巧，接触到了安装包的概念。关于安装包还有一个常见的是msi文件，可在命令行下通过msiexec安装，所以这次就研究一下msiexec在渗透测试中的利用技巧 0x01 简介 msiexec: 系统进程，是Windows Installer的一部分 用于安装Windows Installer安装包（MSI） 一般在运行Microsoft Update安装更新或安装部分软件的时候出现，占用内存比较大 系统自带，在命令行下使用，参数说明如下： msiexec /Opti…

美国中央情报局（ CIA ）昨天首次公布了收集、分析和存储美国公民信息的最新规则。 据中央情报局总顾问卡罗琳 （Caroline Krass)表示：“这份新规则将会以保护美国公民隐私权的方式来实行”。自从“棱镜”计划被曝光以来，美国公民就对政府肆意滥用的监管权力非常的不满，而这份新规则的发布有可能让不满情绪达到一个顶点。另外一点值得注意的就是，该规则是在新总统宣誓就职的前两天发布的，鉴于此，这份新规则可能还会被新一届政府再做处理，不过撤销的可能性不大，因为。特朗普就曾表示过，他支持更强大的政府监督权力，包括监控美国…

物联网已经被视为继计算机和互联网之后的第三次信息技术革命。2017年也被行业称为物联网商用元年。然而，随着物联网产业和技术的快速发展，物联网的安全问题日趋突显。 由于物联网技术将虚拟世界与物理世界结合在一起，通过虚拟世界的数字信息就可以控制物理世界的关键设备甚至基础设施，因此物联网的安全关系国家安全与社会稳定。 匡恩网络于今日发布《2016年度物联网安全研究报告》（以下简称《研究报告》），从政策指导、物联网安全架构技术分析及物联网产业落地发展等，多角度分析了2016年物联网产业环境，显示出我国物联网产业已经进入多行…

Zerodium2016年零日漏洞价位表 趋势科技的ZDI（零日计划）发布了一份674个漏洞的年度报告，根据这份名为“2016回顾”的报告，ZDI计划在一年内共向漏洞报告者支付了近200万美元的赏金。 ZDI用奖金来鼓励漏洞披露，然而该公司没有将手中的漏洞进行售卖或分发，而是使用用相关信息来保护TippingPoint的消费者免受潜在的攻击，这种防护甚至会早于补丁。 在这份报告中，有54个漏洞没有在披露的时候完成修补，其余的漏洞都在ZDI和受影响供应商的妥善合作中得以解决。研究人员在过去的一年里向ZDI提交了很多漏…

近日，国际知名咨询机构Gartner发布了IDPS（Intrusion Detection and Prevention Systems入侵检测与防御系统）魔力象限，山石网科凭借业界领先的技术实力成功入选。此次是继企业级防火墙、UTM魔力象限之后，山石网科入选的又一个重要象限，山石网科所着力发展的综合安全防护能力得到了权威的关注与认可。 Gartner在报告中表示，山石网科入侵检测与防御产品线覆盖了不同等级的流量环境，可为不同规模体量的用户提供灵活的选择。尤其在中小型企业市场中，山石网科侵检测与防御产品以高性价比及…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for squid to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 漏洞危害 Malicious users could use this vulnerability to change partial contents or configuration on the system. 解决方…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for qemu to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerability can also be used to cause a limited denial of servic…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for perl-dbd-mysql to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can also be used to cause…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for squid to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP1 漏洞危害 Malicious users could use this vulnerability to change partial contents or configuration on the system. 解决方…

漏洞类别：Local 漏洞等级： 漏洞信息 Java Runtime Environment (JRE) is a platform that supports the execution of programs that are developed using the Java programming language. The JRE platform also supports Java Applets, which can be loaded from Web pages. JRE and JDK are …

漏洞类别：Solaris 漏洞等级： 漏洞信息 The target does not have Solaris 11.3 SRU 16.3.0 applied. The Support Repository Updates provide patch bundles/updates that primarily contain bug fixes. 漏洞危害 Exploitation could allow an attacker to compromise a vulnerable system. 解决方案 A…

漏洞类别：Database 漏洞等级： 漏洞信息 Oracle released a Critical Patch Update advisory for January 2017 that addresses several security vulnerabilities. The following Oracle database component are affected: - OJVM - RDBMS Security 漏洞危害 An attacker could affect the confiden…

漏洞类别：Database 漏洞等级： 漏洞信息 Oracle Database Patch Set Updates are proactive cumulative patches containing recommended bug fixes that are released on a regular schedule. Affected Software: Oracle Database 12.1.0.2 漏洞危害 Failure to apply this patch could lead to los…

漏洞类别：Database 漏洞等级： 漏洞信息 This Critical Patch Update contains 27 new security fixes for Oracle MySQL. 5 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials. Affect…

漏洞类别：Database 漏洞等级： 漏洞信息 Oracle Database Patch Set Updates are proactive cumulative patches containing recommended bug fixes that are released on a regular schedule. Affected Software: Oracle Database 11.2.0.4 漏洞危害 Failure to apply this patch could lead to los…

漏洞类别：DNS and BIND 漏洞等级： 漏洞信息 ISC BIND (Berkley Internet Domain Name) is an implementation of DNS protocols. Two vulnerabilities exist in BIND: 1) An error may allow access to the cache via recursion even though an ACL disallows it. 2) An error when processing …

漏洞类别：DNS and BIND 漏洞等级： 漏洞信息 ISC BIND (Berkley Internet Domain Name) is an implementation of DNS protocols. ISC BIND is prone to a remote denial of service vulnerability because the software fails to handle certain record types. An attacker can exploit this is…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow exec…

漏洞类别：DNS and BIND 漏洞等级： 漏洞信息 ISC BIND is open source software that implements the Domain Name System (DNS) protocols for the Internet. Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible …

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for php-phpmailer to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 CVE-2016-10033:-To exploit the vulnerability an attacker could target common website components such as contact/feedback forms, r…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for tinymce to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation could lead to XSS attacks. 解决方案 Fedora has issued updated packages to fix this vulnerability. Updates can be in…

漏洞类别：CGI 漏洞等级： 漏洞信息 Firebird is an open source SQL relational database management system. The version of Firebird on the remote host uses default credentials to control access, an attacker can gain administrative access to the affected application. 漏洞危害 On suc…

漏洞类别：CGI 漏洞等级： 漏洞信息 Joomla! is a free open-source content management system written in PHP. It uses object oriented programming techniques and is built on a model-view-controller web application framework. It includes features such as page caching, RSS feeds, …

漏洞类别：General remote services 漏洞等级： 漏洞信息 Nagios Core is a free and open source computer-software application that monitors systems, networks and infrastructure. The vulnerability is caused by the implementation of a vulnerable component for handling RSS news fe…

漏洞类别：Local 漏洞等级： 漏洞信息 Cross-platform plugin plays animations, videos and sound files in .SWF format. These vulnerabilities that could potentially allow an attacker to take control of the affected system. (CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2…