Collaborate Disseminate
I’m performing Overpass the hash attack @ CompTIA Pentest+ > Attacks and Exploits > Lateral Movement and Pivoting > Task 3 > Let’s Get to Work!
I dumped Key of my target user: t1_toby.beck & then attempted to send reverse s… Continue reading Getting reverse shell as another user
I’m looking for a program for Windows that can securely store my code. The program should be able to encrypt my files on-the-fly, such that only the file I’m currently using is kept decrypted (mainly the current source file(s) I’m working … Continue reading Zero-day prevention. Is there a Windows program that encrypts files on-the-fly, keeping only the currently open file decrypted?
DLL hijacking (I believe) is when a dll with a name identical to a system dll is placed higher up in the search directory precedence: like placing a malicious dll named secur32.dll or winsock.dll next to a trusted executable and waiting fo… Continue reading What does Windows do to prevent dll hijacking?
I’m reading this document: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/exploit-protection-reference?view=o365-worldwide
In older OS, EMET injects a DLL into the process. On latest Windows EMET is implemented b… Continue reading EMET is deprecated, which DLL implements the ring3 mitigation?
In September 2021 Black Lotus Labs (BLL) posted a blog entry discussing a payload loader that was:
written in Python
compiled to an ELF exe using PyInstaller in Debian in WSL
and "injected into a running process using Windows API cal… Continue reading How can an ELF binary call a Windows API from WSL(2) to deploy a payload?
I’m starting to learn about binary exploitation and 0day development. I have learned about stackoverflows, ASLR, DEP, stack cookies and so on… But then I came across this video:
https://www.youtube.com/watch?v=o_hk9nh8S1M
I was very moti… Continue reading Future of binary exploitation
JTAG
System software debug support is for many software developers the main reason to be interested in JTAG. Many silicon architectures such as PowerPC, MIPS, ARM, x86 built an entire software debug, instruction tracing, and data tracing … Continue reading Are there any existing JTAG (hardware debugging) based malware detection systems, and if not, why?
JTAG
System software debug support is for many software developers the main reason to be interested in JTAG. Many silicon architectures such as PowerPC, MIPS, ARM, x86 built an entire software debug, instruction tracing, and data tracing … Continue reading Are there any existing JTAG (hardware debugging) based malware detection systems, and if not, why?
I’m curious to know if an attacker can fundamentally exploit the debugging process.
I’m not asking if specific debugging tools have been exploitable, surely some have, but rather whether the process of debugging – any and perhaps every deb… Continue reading Has exploitation been demonstrated against the fundamental constructs of the debugging process?
I’m curious to know if an attacker can fundamentally exploit the debugging process.
I’m not asking if specific debugging tools have been exploitable, surely some have, but rather whether the process of debugging – any and perhaps every deb… Continue reading Has exploitation been demonstrated against the fundamental constructs of the debugging process?