Collaborate Disseminate
Kaspersky experts have discovered a new SteelFox Trojan that mimics popular software like Foxit PDF Editor and JetBrains to spread a stealer-and-miner bundle. Continue reading New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency
For context
I am using this Python script to execute the shellcode that is found
in loader.bin
#!/usr/bin/env python3
import ctypes
import ctypes.wintypes as wt
import logging
import platform
# Set up logging logging.basicConfig(leve… Continue reading How to correctly generate shellcode from a PyInstaller executable? [closed]
What I want to do is what BDFproxy and MSFvenom do; I want to modify a file to embed another PE in it and have both working. It does not matter if they work concurrently or when the main program finishes then embedded program works, I just… Continue reading How to embed a PE file into another PE file? [duplicate]
I am learning about shellcode development in C with an example from here. I can compile the assembly code and get de opcodes, also I can run successfully the ELF compiled with NASM, but I get a segmentation fault when I run the C test appl… Continue reading Segmentation fault in C shellcode x64
We can do a format string attack in the following way:
$ ./program.out $(echo -en ‘\xa8\xd1\xff\xff’)%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%n
Address of name: ffffd1ac, secret: ffffd1a8
ffffd849.ffffd1a8.565561b7.3.0.0.ffffd684.f7d6e70c.f7feec36… Continue reading Format string attack with printf
Return-to-libc is an attack where the attacker, in most cases, returns to the system function, which it uses to execute shell commands. However, I am confused about two things:
The command that the attacker executes is often bin/sh, but i… Continue reading bin/sh in return-to-libc attacks
I have uploaded a php shell using a file upload vulnerability. But when I hit the .php url after uploading it. It gets downloaded rather than executed. Why is that. And how can I execute my shell code?
This is the URL that it gets uploaded… Continue reading Why does my uploaded shell as .php gets downloaded rather than executed when I hit the URL?
I am pentesting a site with all permissions. I have been able to upload a PHP shell embedded within a png image. I have also been able to change the extension of the file like
something.php. So my question is when I run this file in my xam… Continue reading PHP embedded within PNG is not executing rather randering in IIS but executes in Apache
I need to use a .NET shellcode inside a c++ unmanaged process. Let me be clear the shellcode is not malicious by any means, I just need it to load .NET code in an unmanaged process.
Antivirus won’t let me and it keeps putting it in quarant… Continue reading How to get Avast to stop quarantining my program?
I’m looking to execute a shellcode by packaging it inside an executable.
I generate an executable (open the calculator)
I output a shellcode from the executable with donut.
donut.exe -i opencalc.exe -a 1 -b 1 -e 1
I decompile putty, a… Continue reading How can I jump to an address after executing a donut shellcode?