Collaborate Disseminate
I am wondering what attacks would be theoretically possible against a Python script that executes a subprocess involving sudo. I know that asking for the sudo password using input() or getpass(), then passing it to the subprocess’s stdin c… Continue reading How to exploit Python script and sudo subprocess shared file handle?
could someone please help me with the following issue? I have completely disconnected my PC from the network and would now like to check if there are any processes trying to establish a network connection that would attempt to send data fr… Continue reading Using Process Monitor to detect any attempt of using network ressources?
Suppose you need to define for an organization what should be considered an information security incident which, when observed, triggers security incident response (investigate, contain, eradicate, recover – details of which might also nee… Continue reading Is loss of availability automatically a security incident?
I have two process, one run as user client, another run as user inspector
The web app admin ( process client ) port 8080
The web app customer ( process client ) port 8081
Single app process listing on multiple ports
The client process … Continue reading Is beneficial to have one process listing multiple ports to block country?
In this article, I will talk about the Uhssvc.exe file on Windows 11/10. It is an exe file developed by Microsoft. However, some users reported that Autoruns software showed this file as illegitimate on their systems. According to them, Autoruns showed… Continue reading Uhssvc.exe not verified; What is it?
Every application you run on Windows comes with a component program that updates it. So, if you are using Google Chrome or Google Earth, it runs a GoogleUpdate.exe application that checks if an update is available and then updates it based on the setti… Continue reading What is Updater.exe process I see in Task Manager of Windows 11/10?
From my understanding:
I can emulate many different architectures and systems with qemu as a user(mode) process.
There is separate user address space per process.
If a malicious process were to escape emulation it could compromise the use… Continue reading Does emulation/software virtualization provide more isolation/security vs hardware virtualization?
In the same way that a doctor often needs to take a non-destructive look inside a patient to diagnose a problem, those who seek to reverse engineer electronic systems can …read more Continue reading Reviving a Sensorless X-Ray Cabinet with Analog Film
Anyone have any idea what the PerfPowerService and PerfPowerTelemetry…Service is on macOS (Sonoma?) I can’t seem to find a lot of information on these processes. The second one isn’t even mentioned in the Unix man pages.
Is there any acc… Continue reading macOS processes [migrated]
I have created a kubernetes pod. The container has the SYS_ADMIN capability.
I can see all host’s processes.
However I can not cat /proc/1/environ.
Why is that?
Continue reading Unable to vew /proc/1/environ despite having SYS_ADMIN capability