Search
You can find the results of your search below.
Fulltext results:
- FatCat Attack PoC @en:it-security:blog
- g purposes only - misuse is prohibited. strafbar((https://dejure.org/gesetze/StGB/202a.html)) | ===== D... :**Weaponisation** | Exploit, Payload | msfvenom((https://github.com/ksanchezcld/Hacking_Cheat_Sheet/blo... elivery** | Physical access, Injection | Flipper((https://flipperzero.one/)), BadUSB((https://grantonline.medium.com/flipper-zero-badusb-getting-started-with-
- Shellcode Injection Part 4 @en:it-security:blog
- e which I was happy to use as a reference. habe.((https://help.x64dbg.com/en/latest/commands/index.html ... Helpful tools ==== * Microsoft Visual Studio((https://visualstudio.microsoft.com/de/downloads/)) * x64dbg((https://x64dbg.com/)) * PEView((http://wjradburn.com/software/)) * ShenCode((https://github.com/psycore8
- Buffer overflow in the 64-bit stack - Part 2 @en:it-security:blog
- is by passing the command to be executed to the [[https://de.wikipedia.org/wiki/C-Standard-Bibliothek|li... tutorial is fundamentally based on the work of [[https://blog.techorganic.com|superkojiman]] ((https://blog.techorganic.com/2015/04/21/64-bit-linux-stack-sma... can be found in the link collection at the end. ((https://book.hacktricks.xyz/reversing-and-exploiting/l
- Shellcode Injection Part 3 @en:it-security:blog
- can use a shellcode injection to load a file via HTTP and then execute it. \\ \\ ===== Code ===== ===... </code> You can find the complete code in the [[https://github.com/psycore8/nosoc-shellcode/tree/main/... l documented assembler code can be found in the [[https://github.com/stephenbradshaw/shellcode/blob/mast... on WindowsAgent.py", 0 ;Zeile 192 / our URL db "http://172.26.72.38/nat.zip", 0 </code> \\ \\ === Crea
- Buffer overflow in the 64-bit stack - part 1 @en:it-security:blog
- low on the 64-bit stack to gain root privileges.((https://www.ired.team/offensive-security/code-injectio... n buffer overflows, stack etc. can be found here((https://medium.com/@buff3r/basic-buffer-overflow-on-64... e debugger GDB with helpful commands to exploit.((https://github.com/longld/peda/blob/master/README)) <code bash> git clone https://github.com/longld/peda.git ~/peda echo "source
- Buffer overflow in the 64-bit stack - Part 3 @en:it-security:blog
- is restarted. Superkojiman describes in detail [[https://blog.techorganic.com|in his Blog]] how to circ... t in the GOT. We can now utilise this principle.((https://ir0nstone.gitbook.io/notes/types/stack/aslr/pl... ster/binaries/linux/x86_64/socat]] * pwntools ((https://docs.pwntools.com/en/stable/install.html)) <c... in/part-3|Github]]. <file c bof-part3.c> /* Code https://blog.techorganic.com/2016/03/18/64-bit-linux-s
- Shellcode Injection Part 1 @en:it-security:blog
- the shellcode. We do this with the tool jigsaw ((https://github.com/RedSiege/Jigsaw)) tool and the Obfy... e binary file look different with each process. ((https://0xpat.github.io/Malware_development_part_6/))((https://www.fo-sec.com/articles/10-defender-bypass-methods#3)) To do this, we download [[https://github.com/fritzone/obfy|Obfy]] to include the
- Shellcode Injection Part 2 @en:it-security:blog
- rt 1. You can download the source code from the [[https://github.com/psycore8/nosoc-shellcode|Github rep... 33). For this we use a python script, which is [[https://www.bordergate.co.uk/function-name-hashing/|in... \\ \\ ==== Jigsaw ==== In part 1 I have Jigsaw ((https://github.com/RedSiege/Jigsaw )) to disguise the ... ==== Obfy ==== Jigsaw in connection with Obfy ((https://github.com/fritzone/obfy )) was an immediate s
- IT Security Cheat Sheets
- @#D0FA58:**Methodology** | ^::: | Hacktricks | [[https://book.hacktricks.xyz/welcome/readme|hacktricks]... t.md|Github]] | ^::: | ReverseShell Generator | [[https://www.revshells.com/|revshells]] | ^::: | Unix ... >lolbas-project ]] | ^::: | Wordpress Hacking | [[https://infosecwriteups.com/hacking-the-wordpress-site... @#2E9AFE:**Search** | ^::: | Exploit Database | [[https://www.exploit-db.com/|exploit-db]] | ^::: | Shod
- 64-Bit Stack CheatSheet
- ==== The x64 register is structured as follows ((https://learn.microsoft.com/de-de/windows-hardware/drivers/debugger/x64-architecture)) ((https://www.complang.tuwien.ac.at/ubvl/amd64/amd64h.ht... s. More on this can be found in the Cheat-Sheet((https://cs.brown.edu/courses/cs033/docs/guides/x64_che
- Group Managed Service Accounts
- atus on the Manage Optional Features page. <sup>[[https://learn.microsoft.com/de-de/windows-server/remot... ntity <ACCOUNTNAME> </code> ---- Sources: * [[https://www.frankysweb.de/group-managed-service-accounts-gmsa-fuer-tasks-und-dienste/]] * [[https://www.der-windows-papst.de/2022/03/11/uninstall-
- Obfuscation: ByteSwapping @en:it-security:blog
- y2.asm -o poly.o </code> I do the cleanup with [[https://github.com/psycore8/shencode|ShenCode]]: <cod... nd the complete shellcode here: * Shellcode: [[https://github.com/psycore8/Shellcodes/blob/main/SwapBytes/poly2.asm|poly2.asm]] * [[https://github.com/psycore8/shencode|ShenCode]] ----
- Obfuscation: polymorphic in-memory decoder @en:it-security:blog
- ecoder ===== I have taken the XOR decoder from [[https://www.doyler.net/security-not-included/shellcode... n the decoder. I use my ShellCode tool for this [[https://github.com/psycore8/shencode|ShenCode]]: <cod... I have integrated the XOR stub as a template in [[https://github.com/psycore8/shencode|ShenCode]] as a t
- SMB Hardening
- ySignature $true </code> ---- References <sup> https://learn.microsoft.com/de-de/troubleshoot/windows... networking/overview-server-message-block-signing </sup> <sup> https://en.hackndo.com/ntlm-relay/ </sup>
- Obfuscation: Disguise shellcode as UUIDs @en:it-security:blog
- codes into a string array, which is filled with [[https://de.wikipedia.org/wiki/Universally_Unique_Ident... ===== The encoder is part of my shellcode tool [[https://github.com/psycore8/shencode|ShenCode]], which