404 English Paper – Guge's blog

CVE-2020-3119 Cisco CDP Stack Overflow Analysis

2020年3月27日 by paper - Last paper

Author：Hcamael@Knownsec 404 Team Time: March 19, 2020 Chinese version:https://paper.seebug.org/1154/ The Cisco Discovery Protocol (CDP) is a link layer protocol used to discove...

Hessian deserialization and related gadget chains

2020年3月3日 by paper - Last paper

Author：Longofo@Knownsec 404 Team Time: February 20, 2020 Chinese version: https://paper.seebug.org/1131/ Not long ago, there was a vulnerability about Apache Dubbo Http deserial...

Getting Started with Chrome Ext Security (Extra)-Zoomeye Tools

2020年2月3日 by paper - Last paper

Author: LoRexxar'@Knownsec 404 Team Chinese Version: https://paper.seebug.org/1115/ Our last two researches are about Chrome Ext security. This time we will put Chrome extension sec...

CSS-T | Mysql Client Arbitrary File Reading Attack Chain Extension

2020年1月14日 by paper - Last paper

Author:LoRexxar@Knownsec 404Team & Dawu@Knownsec 404Team Chinese version: https://paper.seebug.org/1112/ This may be a vulnerability that has been released a long time ago, but I saw Dragon S...

Linux HIDS agent Summary and User Status HOOK [1]

2019年12月27日 by paper - Last paper

Author: u2400@Knownsec 404 Team Chinese version: https://paper.seebug.org/1102/ Foreword: Recently, I have implemented HIDS agent in linux. When searching for data, I found that although there ar...

Discuz! X≤3.4 Arbitrary File Deletion Vulnerability Analysis

2019年12月13日 by paper - Last paper

Author：LoRexxar '@Knownsec 404 Team Time: September 30, 2017 Chinese version: https://paper.seebug.org/411/ 0x01 Briefing Discuz! X community software is a forum with exc...

Getting to know JavaAgent –Getting all the loaded classes of the target process

2019年12月12日 by paper - Last paper

Author：Longofo@Knownsec 404 Team Time: December 10, 2019 Chinese version: https://paper.seebug.org/1099/ An error occurred during the deserialization test with a class ...

Analysis of Typecho Front-end Getshell Vulnerability

2019年12月10日 by paper - Last paper

Author: LoRexxar'@Knownsec 404 Team Chinese version: https://paper.seebug.org/424/ 0x01 Foreword Typecho is a PHP Blogging Platform. Its database includes Mysql，PostgreSQL，SQLite an...

Getting Started with Chrome Ext Security from Zero（2） — Security Chrome Ext

2019年12月9日 by paper - Last paper

Author: LoRexxar'@Knownsec 404 Team Chinese Version: https://paper.seebug.org/1092/ In early 2019, Microsoft chose Chromium as the default browser and abandoned the development of Edge. And on Apri...

Getting Started with Chrome Ext Security from Zero（1） — A New Chrome Ext

2019年12月9日 by paper - Last paper

Author: LoRexxar'@Knownsec 404 Team Chinese Version: https://paper.seebug.org/1082/ In early 2019, Microsoft chose Chromium as the default browser and abandoned the development of Edge. And on Apri...