Miscellany
Today's post again has three parts:
- Malicious IP/domain intelligence
- A roundup of some vendor vulnerabilities
- The fun stuff you care about
Malicious IP/domain intelligence
![Image [1] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726184735472.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
Some vendor vulnerabilities
The HVV you imagine? And the real HVV?
The HVV you imagine? Hackers popping reverse shells?
![Image [2] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726185805759.gif)
The actual HVV
![Image [3] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726185852964.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
Of course, there are also pictures shared by other enthusiastic netizens
![Image [4] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726190854992-1024x618.jpg?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
Of course, that is a joke. On the blue team there is plenty to do besides blocking IPs. Tracing attackers back to their source, for example, or writing reports on tactics and techniques, can both earn extra points!
Who is Miss A1? And who are Miss Y5 and Miss V10?
Enthusiastic netizens dreamed up a "Miss A1"; Y5 and V10 were likewise dreamed up
![Image [5] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726191211806.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
![Image [6] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726191313840.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
Then it got more entertaining: some helpful netizens even made a photo of Miss A1 and generated a QR code
Netizens called out "intranet", and not even the file suffix had been changed
Original post: https://x.threatbook.com/v5/article?threatInfoID=18104
![Image [7] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726191415679.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
For background on image-embedded trojans and image steganography, see the earlier posts
Does the blue team have sneaky tricks too?
Fofa previously launched its Fofahub product with limited registration, and I posted three invitation codes in the Cyberpig group
![Image [8] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726192019819.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
Registration was limited to 1000 people, so it was later closed. Then, during HVV, a helpful netizen created the project below
https://github.com/fofahub/fofahubkey
It leads users to download a docx file to look for an activation code
![Image [9] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726192222366.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
The docx file in the project uses canarytokens to capture the public IP address of whoever opens the file. (A trap set by the blue team for the red team?)
Callback address: http://canarytokens.com/terms/articles/ayz4tfaqbetnwn1pz1gmqspi3/post.jsp
![Image [10] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726192247336.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
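A pre-open check for a document like the one described above, as an added example that is not from the original post or the project: it unzips the docx without opening it in Word and lists external relationships and URL-bearing field codes. The sample archive, the `token.example.invalid` URL and the function names are constructed for illustration; how any particular Canarytokens document embeds its callback is an assumption here.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

REL = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
W = "{http://schemas.openxmlformats.org/wordprocessingml/2006/main}"
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def find_callbacks(docx_bytes):
    """Return sorted (part, kind, value) tuples for remote references in a docx."""
    hits = set()
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:  # unzip only, never open in Word
        for name in z.namelist():
            if not name.endswith((".xml", ".rels")):
                continue
            data = z.read(name)
            if b"<!DOCTYPE" in data:  # OOXML parts carry no DTD; flag it, do not parse it
                hits.add((name, "dtd", ""))
                continue
            root = ET.fromstring(data)
            if name.endswith(".rels"):
                # Relationships resolved outside the package (remote image, template, ...)
                for rel in root.iter(REL):
                    if rel.get("TargetMode") == "External":
                        kind = "external-" + rel.get("Type", "").rsplit("/", 1)[-1]
                        hits.add((name, kind, rel.get("Target", "")))
            else:
                # Field codes such as INCLUDEPICTURE "http://..." in body, header, footer
                codes = [e.text or "" for e in root.iter(W + "instrText")]
                codes += [e.get(W + "instr", "") for e in root.iter(W + "fldSimple")]
                for code in codes:
                    hits.update((name, "field", u) for u in URL_RE.findall(code))
    return sorted(hits)

def build_sample():
    """Constructed sample: a docx-like zip with a remote footer image (placeholder URL)."""
    url = "http://token.example.invalid/abc123/post.jsp"
    rels = ('<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
            '<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/'
            f'2006/relationships/image" Target="{url}" TargetMode="External"/></Relationships>')
    footer = ('<w:ftr xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">'
              f'<w:p><w:r><w:instrText> INCLUDEPICTURE "{url}" \\d </w:instrText></w:r></w:p></w:ftr>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/_rels/footer2.xml.rels", rels)
        z.writestr("word/footer2.xml", footer)
    return buf.getvalue()

if __name__ == "__main__":
    for hit in find_callbacks(build_sample()):
        print(hit)
```

Ordinary hyperlinks also appear as `external-hyperlink` entries; the ones that matter for a beacon are images, templates and similar targets that are fetched when the document is opened.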
A suspected prank to smear K8
Project URL: https://github.com/gonghar/2022hvv_NC_0day_exp
File hash
daac90ef7a351ce5e17004308bb0c877decde1462fe17399c7c6587d16439a6f
Sample analysis link
![Image [11] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726192518660-1024x727.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
As for why I call it a smear, take a look and you will see for yourself
![Image [12] - 2022 HVV Diary, Day 2 - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/07/20220726192653916.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
Is the pressure high during HVV?
Just look at what time I published today's post and you will know how high the pressure is 😊