Articles in the category "Technical Sharing"

Posted by Luke Viruswalker on November 29, 2016

Three roads lead to Rome

Linan Hao of Qihoo 360 Vulcan Team

Preface:

In the past two years I have done some work on browser security, mainly focused on fuzzing. For user-mode vulnerability hunting, fuzzing has performed well in both the quality of the bugs and the CVE output.

Then some big players got involved and a growing number of fuzzers were published online, so vulnerability hunting now requires a more rigorous approach. What's more, the MemGC used by Microsoft Edge makes it much more difficult to find a bug by fuzzing than before. The few exploitable bugs that fuzzing does find are always killed by other bug hunters, because as time goes on our fuzzers become the same.


Posted by Luke Viruswalker on November 29, 2016

Three roads lead to Rome

Linan Hao of Qihoo 360 Vulcan Team

Preface:

Over the past two years I have focused on browser research, mainly fuzzing. In user-mode vulnerability hunting, fuzzing has delivered good results in both bug quality and CVE output. Then some big players got involved and a large number of fuzzers were published on the Internet, so finding bugs required a more demanding approach. Later, the MemGC used in Edge made finding vulnerabilities by fuzzing even harder, and the few usable bugs that fuzzing did find kept colliding with other people's, because everyone's fuzzers are growing more and more alike. So after Pwn2Own in the first half of this year I started doing more source-code auditing, with some results. At first I thought the stockpile was sufficient, but starting around July the bugs on hand were being killed at a rate of 2+ per month (MS, ChakraCodeTeam, ZDI, Natalie, 360...), and the bug described in this article is one of them. Since the way this vulnerability is exploited is fairly interesting and went through several changes, it is worth writing about.


Posted by misaka12306 on October 22, 2015

On the Importance of Patches and Security Software, as Seen from Exploited N-day Vulnerabilities

I. The havoc caused by CVE-2014-6332

At the end of last year, 360 Security Center's monitoring found that the number of drive-by download pages, which had been quiet for a while, surged, and the spread of the related malware also exploded, with a constant stream of Trojan attack cases triggered by vulnerabilities. 360 Web Protection was updated rapidly in response, dynamically blocking a large number of drive-by attacks and blocking access to a large number of drive-by sites.
