Search
The results of your search are listed below.
Matching page names:
Full-text results:
- Tools @en:it-security:blog
- ===== Tools ===== The encoder is part of my shellcode tool [[https://github.com/psycore8/shencode|ShenCode]], which is available as open source. ===== Step1: Prepare shellcode ===== ==== generate ==== We create a payload wi
- Obfuscation: ByteSwapping @en:it-security:blog
- {{tag>IT-Security Windows Kali shellcode blog english}} ====== Obfuscation: ByteSwapping ====== {{it-s... In the last post, I decrypted an encrypted shellcode in the working memory and had it executed. As enc... m into the encryption to make decrypting the shellcode a little more difficult. \\ \\ ===== Preliminary ... %%''|''%%F9%%''|''%%12%%''|''%%D1%%''| ===== The code ===== ==== Step 1: Python Encoder ==== The corr
- Obfuscation: polymorphic in-memory decoder @en:it-security:blog
- abilities. [[en:it-security:blog:obfuscation_shellcode_als_uuids_tarnen|In the last part]] we looked at disguising shellcode as a UUID in the source code. This also worked well, but the shellcode was recognised in memory and blocked. We now want to solve t
- obfuscation_shellcode_als_uuids_tarnen_-_teil_1 @en:it-security:blog
- ~~REDIRECT>en:it-security:blog:obfuscation_shellcode_als_uuids_tarnen~~
- Privilege escalation: Windows admin thanks to Linux @en:it-security:blog
- ntpw ==== Now we can install ''chntpw'' using: <code bash> sudo apt install chntpw </code> \\ \\ ==== Find Windows partition ==== We are looking for the Windows partition. <code bash> sudo sfdisk -l </code> {{it-security:blog:screenshot_2024-03-14_145734.png|}} \\ \\ In our examp
- Buffer overflow in the 64-bit stack - Part 2 @en:it-security:blog
- 80568|compiled debug binary]] from the blog. <code bash> br *vuln+73 # set breakpoint r < i... "/bin/sh") RIP: 0x400469 (<_init+25>: ret) </code> \\ \\ ===== Dependencies ===== What is needed? ... fer_overflow_x64|Part 1]], we also need ropper. <code bash> sudo apt install ropper </code> \\ \\ ===== Deactivate ASLR ===== ASLR must also be deactivated
- Buffer overflow in the 64-bit stack - Part 3 @en:it-security:blog
- ssue a system command when calling the function <code gdb> [-------------------------------------code-------------------------------------] 0x4011de <vuln... >: mov eax,0x0 0x4011f7 <vuln+134>: leave </code> \\ \\ ===== Dependencies ===== * socat mod [[... ps://docs.pwntools.com/en/stable/install.html)) <code bash> python3 -m pip install --upgrade pip python
- Shellcode Injection Part 4 @en:it-security:blog
- y Windows Kali pentest blog english}} ====== Shellcode Injection Part 4 ====== {{it-security:blog:sc4-h... |}} In this article, we will only deal with shellcode obfuscation in passing. At this point, I wanted to develop a custom shellcode to learn more about how it works. The following ... of ''calc.exe'' on a Windows computer * 64-bit code * Avoid null bytes ===== Preparations ===== =
- 64-Bit Stack CheatSheet
- change them, it must save them on the stack with <code asm>push</code>. Before returning to the function, these registers must then be restored using <code asm>pop</code>. More on this can be found in the Cheat-Sheet((https://cs.br
- Host Discovery with Metasploit database
- se and set up a user with access rights for it. <code bash> root@kali:~# msfdb init Creating database u... g/database.yml Creating initial database schema </code> ===== Metasploit: Connect database ===== <code ruby> msf6 > db_connect user:pass@127.0.0.1/db_name </code> ==== Check connection ==== <code ruby> msf6 >
- Shellcode Injection Part 2 @en:it-security:blog
- y windows kali pentest blog english}} ====== Shellcode Injection Part 2 ====== {{it-security:blog:shellcode-part2.jpg?600|}} In part 1 of the shellcode injection series, we started a reverse shell from a local process. In part 2, we inject the shellcode directly into a process. This form of injection i
- Shellcode Injection Part 1 @en:it-security:blog
- y windows kali pentest blog english}} ====== Shellcode Injection Part 1 ====== In this series of articles, we look at shellcode, how to inject it into processes and some techniq... In the first part, we look at how to inject shellcode from a local process. In addition, we d... required files in the [[en:it-security:blog:shellcode_injection-1#Repository|repository]] \\ \\ ===== G
- Buffer overflow in the 64-bit stack - part 1 @en:it-security:blog
- ileges.((https://www.ired.team/offensive-security/code-injection-process-injection/binary-exploitation/6... s://github.com/longld/peda/blob/master/README)) <code bash> git clone https://github.com/longld/peda.gi... peda echo "source ~/peda/peda.py" >> ~/.gdbinit </code> \\ \\ ==== Deactivate ASLR ==== ASLR must be de... ivated so that memory areas are not randomised. <code bash> echo 0 | sudo tee /proc/sys/kernel/randomiz
- Buffer Overflows - Intro
- s such a vulnerability, they can inject malicious code into the memory and thereby manipulate the behavi... ntrol of the affected system, executing malicious code, spying on confidential data or completely disrup... verflows or to minimise their effects: \\ \\ ==== Code reviews and secure programming ==== By carefully reviewing the source code, potential vulnerabilities can be recognised and