Suche
Unten sind die Ergebnisse Ihrer Suche gelistet.
Passende Seitennamen:
Volltextergebnisse:
- Obfuscation: polymorphic in-memory decoder @en:it-security:blog
- sponding registers had to be renamed. The decoder starts with this instruction: <code asm> _start: jmp short call_decoder ; Begin of JMP-CALL-POP </co... goal here: <code asm [enable_line_numbers="true",start_line_numbers_at="26"]> xor rax, rax mov al, 60h m... change to: <code asm [enable_line_numbers="true",start_line_numbers_at="26"]> xor rax, rax mov rax, gs:[
- Reset the registry at an earlier point in time @en:windows
- ename them back to their original names. ===== Restart and test ===== Now we restart. If the problem still persists, the process must be repeated with slightl
- Obfuscation: Disguise shellcode as UUIDs @en:it-security:blog
- tionality ===== ==== Metasploit handler ==== We start a Metasploit handler on the attack system to rece... /shell/reverse_tcp lhost=0.0.0.0 lport=15666 [*] Started reverse TCP handler on 0.0.0.0:15666 </code> =
- Privilege escalation: Windows admin thanks to Linux @en:it-security:blog
- the boot sequence to the appropriate medium Now start Lubuntu and configure the following: * Change ... > \\ \\ ===== Manipulation of the SAM ===== ==== Start chntpw ==== Now it's time to start the tool we just installed. <code bash> sudo chntpw -i SAM </code> ... closed and the computer shut down. \\ \\ ===== Restart computer ===== To start the computer now, the fo
- Buffer overflow in the 64-bit stack - Part 2 @en:it-security:blog
- d 2 gadgets to create the exploit. To do this, we start ropper and display the gadgets <code bash> roppe... xploit. So we load our file into the debugger and start it: <code bash> gdb-peda$ start ... gdb-peda$ p system $1 = {int (const char *)} 0x7ffff7e17920 <__libc... -part2 </code> \\ \\ ==== root Shell ==== Now we start our programme and pass our buffer as an argument.
- Buffer overflow in the 64-bit stack - Part 3 @en:it-security:blog
- function addresses every time the programme is restarted. Superkojiman describes in detail [[https://blo... addresses are changed each time the programme is started. === PLT and GOT === PLT (Procedure Linkage T... Debug ===== {{page>en:vorlagen:attention}} ==== Start socat Listener ==== The supplied socat has mecha... process 105836 Mapped address spaces: Start Addr End Addr Size Offset Pe
- Shellcode Injection Part 4 @en:it-security:blog
- . The following requirements should be met: * Start of ''calc.exe'' on a Windows computer * 64-bit ... l32.dll base address ==== Each time a process is started in Windows, modules are loaded into this proces... le in C format syntax. We know that our shellcode starts with the opcodes ''55 48''. These are found from
- Linux Commands Cheatsheet @en:linux
- -s | Shut down or switch off | | shutdown -r | Restart (reboot) | | shutdown -l | User logout | | shutdo... ode> deaktivieren. The web server must then be restarted with <code bash> /etc/init.d/apache2 restart </code> nötig. ===== Run Froxlor Cron ===== [[en:linu
- Host Discovery with Metasploit database @en:it-security
- ruby> msf6 > db_nmap -sP 192.168.2.0/24 [*] Nmap: Starting Nmap 7.93 ( https://nmap.org ) at 2022-12-29 2... ry(scanner/portscan/tcp) > hosts -R </code> ==== Start port scan ==== <code ruby> msf6 auxiliary(scann
- Shellcode Injection Part 2 @en:it-security:blog
- In part 1 of the shellcode injection series, we started a reverse shell from a local process. In part 2... e the PID of the target process as a parameter at startup. We specify the PID as a parameter ''%%OpenProc... ateRemoteThread(processHandle, NULL, 0, (LPTHREAD_START_ROUTINE)remoteBuffer, NULL, 0, NULL); </code> \\
- Shellcode Injection Part 1 @en:it-security:blog
- ger}}] \\ \\ ==== Prepare Metasploit ==== Now we start a handler in Metasploit that accepts the reverse ... 61.130 msf6 exploit(multi/handler) > exploit [*] Started reverse TCP handler on 172.23.61.130:445 </code> \\ \\ ==== Execute shellcode ==== We now start ''Inject.exe''and look at the output in Metasploi... in our project and set the macro instructions to start and end the code obfuscation. <code c++ [enable_
- Buffer overflow in the 64-bit stack - part 1 @en:it-security:blog
- first we have to find out how we can do this. We start our programme in the debugger and generate a 200-... rst we set root rights to the vulnerable file and start it((https://blog.techorganic.com/2015/04/10/64-bi
- Shellcode Injection Part 3 @en:it-security:blog
- ecutes a downloaded VBS file. However, we want to start a Python script that creates a Meterpreter shell.... => 4500 resource (/home/kali/nosoc3.rc)> run [*] Started reverse TCP handler on 0.0.0.0:4500 </code> N... everything is ready. \\ \\ ==== Attack ==== Now start the programme on the target PC. {{it-security:bl... for this is also available in the repository. To start, the target PID must be passed as an argument: <
- Windows restore points @en:windows
- {{tag>Windows Windows11 english startpage}} ====== Windows restore points ====== ===== Open System Resto... n ''Next''. After clicking on ''Finish'' the PC restarts and returns to the selected point. {{windows:sy
- FatCat Attack PoC @en:it-security:blog
- e ===== - Deactivate AV - Create payload - Start handler - BadUSB attack - Use RemoteShell to ... rantonline.medium.com/flipper-zero-badusb-getting-started-with-duckyscript-f212fcdd5dec)) | |::: | Bypass... d attack ===== ==== Metasploit payload ==== * Start Metasploit * Open cmd <code dos>cmd</code> ... e payload}}] \\ ==== Metasploit Handler ==== * Start Multi Handler Server <code ruby> use exploit/mul