Search
You can find the results of your search below.
Matching pagenames:
- dpkg returned an error code (1), Fehlerbehebung
- Identifier locked in options dialog: $decode
- Backdoor development with Code Caves
- Obfuscation: polymorpher In-Memory Decoder
- Obfuscation: Shellcode als UUIDs tarnen
- obfuscation_shellcode_als_uuids_tarnen_-_teil_1
- Shellcode Injection Teil 1
- Shellcode Injection Teil 2
- Shellcode Injection Teil 3
- Shellcode Injection Teil 4
- Delphi Codebase
- Obfuscation: polymorphic in-memory decoder
- Obfuscation: Disguise shellcode as UUIDs
- obfuscation_shellcode_als_uuids_tarnen_-_teil_1
- Shellcode Injection Part 1
- Shellcode Injection Part 2
- Shellcode Injection Part 3
- Shellcode Injection Part 4
- Delphi Codebase
Fulltext results:
- Shellcode Injection Teil 4 @it-security:blog
- ''calc.exe'' auf einem Windows Rechner * 64-Bit Code * Vermeiden von Null-Bytes ===== Vorbereitunge... st von [[https://www.ired.team/offensive-security/code-injection-process-injection/finding-kernel32-base... ich für den Aufbau des Shellcodes genutzt. ===== Code: Schritt für Schritt ===== Den kompletten Code findet ihr auch auf [[https://github.com/psycore8/nosoc
- Obfuscation: polymorphic in-memory decoder @en:it-security:blog
- d at disguising shellcode as a UUID in the source code. This also worked well, but the shellcode was rec... amed. The decoder starts with this instruction: <code asm> _start: jmp short call_decoder ; Begin of JMP-CALL-POP </code> ''%%JMP-CALL-POP%%'' is a technique that allows us to execute code independently of memory. In this first step, we n
- Shellcode Injection Part 4 @en:it-security:blog
- of ''calc.exe'' on a Windows computer * 64-bit code * Avoid null bytes ===== Preparations ===== =... t from [[https://www.ired.team/offensive-security/code-injection-process-injection/finding-kernel32-base... e used for the structure of the shellcode. ===== Code: Step by step ===== You can also find the complete code on [[https://github.com/psycore8/nosoc-shellcode/
- Obfuscation: polymorpher In-Memory Decoder @it-security:blog
- sten. Der Decoder startet mit dieser Anweisung: <code asm> _start: jmp short call_decoder ; Begin of JMP-CALL-POP </code> ''%%JMP-CALL-POP%%'' ist eine Technik, welche uns erlaubt Code unabhängig vom Speicher auszuführen. In diesem er... en wir nun zur Sprungmarke ''%%call_decoder%%'' <code asm> call_decoder: call decoder ; RSP
- Buffer overflow in the 64-bit stack - Part 3 @en:it-security:blog
- ssue a system command when calling the function <code gdb> [-------------------------------------code-------------------------------------] 0x4011de <vuln... >: mov eax,0x0 0x4011f7 <vuln+134>: leave </code> \\ \\ ===== Dependencies ===== * socat mod [[... ps://docs.pwntools.com/en/stable/install.html)) <code bash> python3 -m pip install --upgrade pip python
- Buffer Overflow im 64-Bit Stack - Teil 3 @it-security:blog
- der Funktion einen Systembefehl absetzen können <code gdb> [-------------------------------------code-------------------------------------] 0x4011de <vuln... >: mov eax,0x0 0x4011f7 <vuln+134>: leave </code> \\ \\ ===== Abhängigkeiten ===== * socat mod ... ps://docs.pwntools.com/en/stable/install.html)) <code bash> python3 -m pip install --upgrade pip python
- n8n Installation mit Docker Compose @linux
- == ==== 1.1 alte Versionen deinstallieren ==== <code bash> sudo apt-get remove docker docker-engine docker.io containerd runc </code> ==== 1.2 Repo Installation ==== === 1.2.1 Update apt und HTTPS aktivieren === <code bash> sudo apt-get update sudo apt-get install... tc/apt/sources.list.d/docker.list > /dev/null </code> === 1.2.2 Docker GPG Key hinzufügen === <cod
- n8n installation with Docker Compose @en:linux
- an) ===== ==== 1.1 Uninstall old versions ==== <code bash> sudo apt-get remove docker docker-engine docker.io containerd runc </code> ==== 1.2 Repo installation ==== === 1.2.1 Update apt and activate HTTPS === <code bash> sudo apt-get update sudo apt-get install... tc/apt/sources.list.d/docker.list > /dev/null </code> === 1.2.2 Add Docker GPG Key === <code bash>
- n8n installation with Docker Compose @en:linux:n8n
- an) ===== ==== 1.1 Uninstall old versions ==== <code bash> sudo apt-get remove docker docker-engine docker.io containerd runc </code> ==== 1.2 Repo installation ==== === 1.2.1 Update apt and activate HTTPS === <code bash> sudo apt-get update sudo apt-get install... tc/apt/sources.list.d/docker.list > /dev/null </code> === 1.2.2 Add Docker GPG Key === <code bash>
- Buffer Overflow im 64-Bit Stack - Teil 1 @it-security:blog
- langen.((https://www.ired.team/offensive-security/code-injection-process-injection/binary-exploitation/6... s://github.com/longld/peda/blob/master/README)) <code bash> git clone https://github.com/longld/peda.gi... peda echo "source ~/peda/peda.py" >> ~/.gdbinit </code> \\ \\ ==== ASLR deaktivieren ==== ASLR muss dea... mit Speicherbereiche nicht randomisiert werden. <code bash> echo 0 | sudo tee /proc/sys/kernel/randomiz
- Buffer overflow in the 64-bit stack - part 1 @en:it-security:blog
- ileges.((https://www.ired.team/offensive-security/code-injection-process-injection/binary-exploitation/6... s://github.com/longld/peda/blob/master/README)) <code bash> git clone https://github.com/longld/peda.gi... peda echo "source ~/peda/peda.py" >> ~/.gdbinit </code> \\ \\ ==== Deactivate ASLR ==== ASLR must be de... ivated so that memory areas are not randomised. <code bash> echo 0 | sudo tee /proc/sys/kernel/randomiz
- Backdoor development with Code Caves @it-security:blog
- utsch english}} ====== Backdoor development with Code Caves ====== {{:it-security:blog:bd-putty-header... xe%%'' that is unused in the resources (so-called code caves). ===== 1.0 Introduction ===== The following steps will be executed: * Identify the code cave * Change the access rights of the resource... Identify and hijack the function * Redirect the code flow * Test the backdoor ===== 2.0 Code Caves
- IRC Channel eröffnen @irc
- Wer diese noch nicht kennt, kann mit dem Befehl <code mirc>/rules</code> in seinem IRC Clienten diese abrufen. ===== Schritt 1: den Channel erstellen ===== ... nun ins Leben zu rufen geben wir folgendes ein: <code mirc>/join #DeinChannel</code> Das Deinchannel erstzen wir natürlich mit dem jeweiligen Channelnamen.
- Hilfreiche NMAP Scanner Kommandos @it-security
- === Command Set ===== ==== Discover Hosts ==== <code bash> export IPRANGE='172.16.0.0/16' nmap -e tun0 -sn -v -oA pingscan $IPRANGE </code> ==== Parse Results ==== <code bash> grep Up pingscan.gnmap | awk '{print$2}' > 172_16_ping_ips.txt </code> ==== Discover Services ==== <code bash> nmap -
- Open IRC channel @en:irc
- yet familiar with these, you can use the command <code mirc>/rules</code> command in your IRC client. ===== Step 1: Create the channel ===== To create this channel, enter the following: <code mirc>/join #DeinChannel</code> The Deinchannel will of course be named after the respective channel na