NoSociety.de

Unten sind die Ergebnisse Ihrer Suche gelistet.

Volltextergebnisse:

Obfuscation: polymorphic in-memory decoder @en:it-security:blog: 6 Treffer, Zuletzt geändert: vor 9 Monaten; ecoder starts with this instruction: <code asm> _start: jmp short call_decoder ; Begin of JMP-C... goal here: <code asm [enable_line_numbers="true",start_line_numbers_at="26"]> xor rax, rax mov al, 60h m... change to: <code asm [enable_line_numbers="true",start_line_numbers_at="26"]> xor rax, rax mov rax, gs:[... e 0 bytes. <code asm [enable_line_numbers="true",start_line_numbers_at="30"]> mov rax, [rax] ; 48 8b
Privilege escalation: Windows admin thanks to Linux @en:it-security:blog: 6 Treffer, Zuletzt geändert: vor 10 Monaten; the boot sequence to the appropriate medium Now start Lubuntu and configure the following: * Change ... > \\ \\ ===== Manipulation of the SAM ===== ==== Start chntpw ==== Now it's time to start the tool we just installed. <code bash> sudo chntpw -i SAM </code> ... closed and the computer shut down. \\ \\ ===== Restart computer ===== To start the computer now, the fo
FatCat Attack PoC @en:it-security:blog: 5 Treffer, Zuletzt geändert: vor 17 Monaten; e ===== - Deactivate AV - Create payload - Start handler - BadUSB attack - Use RemoteShell to ... d attack ===== ==== Metasploit payload ==== * Start Metasploit * Open cmd <code dos>cmd</code> ... e payload}}] \\ ==== Metasploit Handler ==== * Start Multi Handler Server <code ruby> use exploit/mul... ecurity:blog:001-fc-handler.png?400|Configure and start Metasploit Handler}}] \\ ==== Access to the targe
Buffer overflow in the 64-bit stack - Part 2 @en:it-security:blog: 4 Treffer, Zuletzt geändert: vor 10 Monaten; d 2 gadgets to create the exploit. To do this, we start ropper and display the gadgets <code bash> roppe... xploit. So we load our file into the debugger and start it: <code bash> gdb-peda$ start ... gdb-peda$ p system $1 = {int (const char *)} 0x7ffff7e17920 <__libc... -part2 </code> \\ \\ ==== root Shell ==== Now we start our programme and pass our buffer as an argument.
Buffer overflow in the 64-bit stack - Part 3 @en:it-security:blog: 4 Treffer, Zuletzt geändert: vor 10 Monaten; Debug ===== {{page>en:vorlagen:attention}} ==== Start socat Listener ==== The supplied socat has mecha... process 105836 Mapped address spaces: Start Addr End Addr Size Offset Pe... urther pwntools optimisations and automated socat start can be found in the [[gh>psycore8/nosoc-bof/tree/... .com/a/48571747)) \\ \\ ==== root shell ==== We start socat and bof-part3 as root <code bash> su root
nmap SMBv1 Scan via Script: 3 Treffer, Zuletzt geändert: vor 17 Monaten; king if SMBv1 is supported") status, smbstate = start(host) if(status == false) then return false... SMBv1 and close connection status, smbstate = start(host) if(status == false) then return false... blocking the responses" end end </code> ===== Start scan ===== <code bash> nmap -p139,445 --script s
SMB Hardening: 3 Treffer, Zuletzt geändert: vor 17 Monaten; lients and servers. Authentication can be used to start a session on the server and steal data. The SMB s... SMBv1 can also be deactivated via Powershell (restart required): <code powershell>Disable-WindowsOptio... rver === The same commands apply to servers. A restart should be scheduled in advance. ==== Step 2 - Op
Obfuscation: ByteSwapping @en:it-security:blog: 3 Treffer, Zuletzt geändert: vor 7 Monaten; itialisation and JMP-CALL-POP === <code stylus> _start: xor rax, rax xor rbx, rbx xor rcx, r... hon shencode.py extract -i poly2.o -o poly2.raw --start-offset 100 --end-offset 404 </code> * Then we ... Debug ===== After compiling the injector, we can start debugging. I use x64dbg for this. {{it-security:
Shellcode Injection Part 1 @en:it-security:blog: 3 Treffer, Zuletzt geändert: vor 11 Monaten; ger}}] \\ \\ ==== Prepare Metasploit ==== Now we start a handler in Metasploit that accepts the reverse ... </code> \\ \\ ==== Execute shellcode ==== We now start ''Inject.exe''and look at the output in Metasploi... in our project and set the macro instructions to start and end the code obfuscation. <code c++ [enable_
Shellcode Injection Part 3 @en:it-security:blog: 3 Treffer, Zuletzt geändert: vor 12 Monaten; ecutes a downloaded VBS file. However, we want to start a Python script that creates a Meterpreter shell.... everything is ready. \\ \\ ==== Attack ==== Now start the programme on the target PC. {{it-security:bl... for this is also available in the repository. To start, the target PID must be passed as an argument: <
Buffer overflow in the 64-bit stack - part 1 @en:it-security:blog: 2 Treffer, Zuletzt geändert: vor 11 Monaten; first we have to find out how we can do this. We start our programme in the debugger and generate a 200-... rst we set root rights to the vulnerable file and start it((https://blog.techorganic.com/2015/04/10/64-bi
Host Discovery with Metasploit database: 1 Treffer, Zuletzt geändert: vor 10 Monaten; ry(scanner/portscan/tcp) > hosts -R </code> ==== Start port scan ==== <code ruby> msf6 auxiliary(scann
Secure passwords: 1 Treffer, Zuletzt geändert: vor 17 Monaten; t. ===== 2.0 Dealing with passwords ===== Let's start by clarifying two things: The wrong and the right
Obfuscation: Disguise shellcode as UUIDs @en:it-security:blog: 1 Treffer, Zuletzt geändert: vor 10 Monaten; tionality ===== ==== Metasploit handler ==== We start a Metasploit handler on the attack system to rece
Shellcode Injection Part 2 @en:it-security:blog: 1 Treffer, Zuletzt geändert: vor 11 Monaten; ateRemoteThread(processHandle, NULL, 0, (LPTHREAD_START_ROUTINE)remoteBuffer, NULL, 0, NULL); </code> \\
Shellcode Injection Part 4 @en:it-security:blog: 1 Treffer, Zuletzt geändert: vor 10 Monaten