Doonsec's feedhttp://wechat.doonsec.com/MzkyMzcyMjgwNA.xmlThe latest security articles about WeChat official accountzh-CNThu, 11 Dec 2025 08:35:53 GMTPyRSS2Gen-1.1.0http://blogs.law.harvard.edu/tech/rsshttp://wechat.doonsec.com/Doonsechttp://wechat.doonsec.com/static/front/img/doonsec_bak3.png获取linux登录密码https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247484012&idx=1&sn=e43a45ebb52b78ebcc503e15ad324274爱坤sec爱坤sec2025-12-11T02:30:38自研的c2https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483994&idx=1&sn=bd1ac74e565753a1258b2fdf7e1fb46c爱坤sec爱坤sec2025-05-14T02:30:51Wordpress SureTriggers插件漏洞(CVE-2025-3102)创建未经身份验证的管理用户https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483985&idx=1&sn=cfbade59a9a0c0c5625511c1b1198691爱坤sec爱坤sec2025-04-18T23:24:24Teamview安装版密码提取免杀(最新版)https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483980&idx=1&sn=b6b674ad2ccd90b691ac4a205d7c71c2爱坤sec爱坤sec2025-04-17T23:09:23Todesk密码提取免杀(最新版)https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483968&idx=1&sn=7ea838f1187864cf80092d0496c3967b爱坤sec爱坤sec2025-04-14T21:49:52LangFlow低代码平台rce漏洞(CVE-2025-3248)https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483956&idx=1&sn=5ca8231305d6a72923a453b9999aa6e5爱坤sec爱坤sec2025-04-14T02:30:00GeoServer-Tools-CVE-2024-36401内存马利用工具https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483951&idx=1&sn=a2682aafbaf36a8d13f230de07e070e2爱坤sec爱坤sec2025-04-13T02:30:00nextjs中间件权限绕过漏洞(CVE-2025-29927)https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483941&idx=1&sn=800f2091e3d20945c642bb27c098819e爱坤sec爱坤sec2025-04-13T00:08:36浅入解析Linux密码存储方式与利用技巧https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483935&idx=1&sn=5e68aa86e0e02eebdb2593ac7fef3202爱坤sec爱坤sec2025-04-03T19:07:57上古神器Pwnkit提权检测:如何排除它的踪迹,守护系统安全(CVE-2021-4034)https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483914&idx=1&sn=c8315e7348b64b2db11e467ea90888a7什么是 pkexec?Linux 中有个工具叫 pkexec ,它的作用是允许普通用户以管理员(root)身份运行命令。爱坤sec爱坤sec2025-03-29T16:24:06Koha CVE-2025-22954:lateissues-export.pl SQL 注入https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483899&idx=1&sn=2919ed10e40b56be56a33a6bdaa48792漏洞获取地址在文章末尾概述Koha是网页界面的图书馆自动化管理系统,使用 MariaDB 或 MySQL 等S爱坤sec爱坤sec2025-03-21T02:31:05Metasploit 利用CVE-2025-24071(NTLM Hash Leak via .library-ms File)https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483894&idx=1&sn=c06baefca204bea6479a5b7541691193爱坤sec爱坤sec2025-03-20T00:02:48poc难找?无问AI来帮你https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483882&idx=1&sn=b5e4c934610b742b1a66c27dfdabc7a6爱坤sec爱坤sec2025-03-19T22:23:05Wazuh RCE漏洞CVE-2025-24016https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483872&idx=1&sn=31b810718d480ba119f67d3e1712ba07漏洞批量nuclei验证获取地址在文章末尾漏洞概述该漏洞允许具有 API 访问权限的远程攻击者(受感染的仪表板爱坤sec爱坤sec2025-03-18T22:06:40nakivo-任意文件读取(CVE-2024-48248)https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483864&idx=1&sn=eaf0d54456e96445a3d8631fae219d46爱坤sec爱坤sec2025-03-17T23:30:38使用SUSFS隐藏你的设备环境https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483858&idx=1&sn=f9698a27ff303e6102635e533baf1ef5爱坤sec爱坤sec2025-03-16T20:07:38KSU完美过环境https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483857&idx=1&sn=5a8ee944dbb7db6265b18dacfa03ce28爱坤sec爱坤sec2025-03-15T17:20:42原版Ksu(LKM)转Ksu Next(GKI)并隐藏过牛头人教程https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483856&idx=1&sn=1621cb0cd7b0cdae824fdb8b2494da50爱坤sec爱坤sec2025-03-14T18:42:12tomcat-CVE-2025-24813批量检测脚本https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483801&idx=1&sn=adcb2d4cabb8a6d28d6ecd1169bb6986爱坤sec爱坤sec2025-03-13T21:56:01Ivanti Unauthenticated RCE(CVE-2024-8190)https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483795&idx=1&sn=9f3a6f1b4943c35a1feeabd78e93e029爱坤sec爱坤sec2025-03-11T22:11:25linux权限维持-udev后门https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483789&idx=1&sn=1623fb76939d09902a19e383a3e3fa16爱坤sec爱坤sec2025-03-10T22:08:11轮询代理池-让你每次请求的ip都不一样https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483781&idx=1&sn=15fd25798b4b73c40ef3423ac59866f6爱坤sec爱坤sec2025-03-05T22:46:09exchange邮件账号密码爆破https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483746&idx=1&sn=e78efb4b159ca2b8d17b61b2e42d97ea爱坤sec爱坤sec2025-02-08T23:28:17Linux用户权限捕获并解析任意http/https流量-超级无敌好用https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483741&idx=1&sn=7586140fa1f0670d86c2e37f9ec93a0d爱坤sec爱坤sec2025-02-07T20:43:45Windows权限维持-保姆级https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483694&idx=1&sn=9a6a6d8ed58cffbe6cec4685b67ed083爱坤sec爱坤sec2025-02-06T20:53:54Linux权限维持-保姆级https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483688&idx=1&sn=ef19db8ffa3567e28a2afec8e57daa60爱坤sec爱坤sec2025-02-05T20:48:51Linux提权之Capabilities提权https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483682&idx=1&sn=5fbd36de98e3798e1bc10a3960cc25cb爱坤sec爱坤sec2025-01-22T23:42:05保姆级Havoc搭建教程https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483670&idx=1&sn=97a1d8b7d4da68c7c3149a0075eb3143爱坤sec爱坤sec2025-01-21T23:32:04CVE-2025-0282 Ivanti Connect Secure RCE 漏洞复现https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483660&idx=1&sn=019e2577a4f383a58234f8fb5e334b7f爱坤sec爱坤sec2025-01-14T23:42:17Palo CVE-2024-0012漏洞利用https://mp.weixin.qq.com/s?__biz=MzkyMzcyMjgwNA==&mid=2247483654&idx=1&sn=54117615219fc5eae78a56c748c36bf5爱坤sec爱坤sec2024-11-22T01:31:02