NoSociety.de

You can find the results of your search below.

Fulltext results:

Obfuscation: polymorpher In-Memory Decoder @it-security:blog: 6 Hits, Last modified: 9 months ago; ecoder startet mit dieser Anweisung: <code asm> _start: jmp short call_decoder ; Begin of JMP-C... ans Ziel: <code asm [enable_line_numbers="true",start_line_numbers_at="26"]> xor rax, rax mov al, 60h m... ändern in: <code asm [enable_line_numbers="true",start_line_numbers_at="26"]> xor rax, rax mov rax, gs:[... vermeiden. <code asm [enable_line_numbers="true",start_line_numbers_at="30"]> mov rax, [rax] ; 48 8b
Backdoor development with Code Caves @it-security:blog: 3 Hits, Last modified: 5 months ago; e Size: 4027 byte. [*] Start Address: 0x80005654 [*] En... in </code> ===== 4.0 Code Hijacking ===== Let's start the disassembler! We should initiate a [[Backdoor... rse TCP handler on 0.0.0.0:6699 </code> ==== 5.2 Start the backdoor ==== - Run the backdoor - Enter
nmap SMBv1 Scan via Script: 2 Hits, Last modified: 18 months ago; king if SMBv1 is supported") status, smbstate = start(host) if(status == false) then return false... SMBv1 and close connection status, smbstate = start(host) if(status == false) then return false
Buffer Overflow im 64-Bit Stack - Teil 3 @it-security:blog: 2 Hits, Last modified: 4 months ago; process 105836 Mapped address spaces: Start Addr End Addr Size Offset Pe... pwntools Optimierungen und automatisiertem socat Start ist im [[gh>psycore8/nosoc-bof/tree/main/part-3|G
Obfuscation: ByteSwapping @it-security:blog: 2 Hits, Last modified: 7 months ago; tialisierung und JMP-CALL-POP === <code stylus> _start: xor rax, rax xor rbx, rbx xor rcx, r... hon shencode.py extract -i poly2.o -o poly2.raw --start-offset 100 --end-offset 404 </code> * Dann ext
Shellcode Injection Teil 2 @it-security:blog: 2 Hits, Last modified: 10 months ago; soll die PID des Zielprozesses als Parameter beim Start übergeben bekommen. Die PID geben wir als Paramet... ateRemoteThread(processHandle, NULL, 0, (LPTHREAD_START_ROUTINE)remoteBuffer, NULL, 0, NULL); </code> \\
Shellcode Injection Teil 4 @it-security:blog: 2 Hits, Last modified: 10 months ago; Anforderungen sollten hierbei erfüllt sein: * Start von ''calc.exe'' auf einem Windows Rechner * 64... ==== kernel32.dll Basis Adresse ==== Mit jedem Start eines Prozesses in Windows, werden Module in dies
Buffer Overflow im 64-Bit Stack - Teil 2 @it-security:blog: 1 Hits, Last modified: 11 months ago; den Debugger und starten: <code bash> gdb-peda$ start ... gdb-peda$ p system $1 = {int (const char *)}
FatCat Attack PoC @it-security:blog: 1 Hits, Last modified: 15 months ago; msfpayload.exe DELAY 3000 ENTER DELAY 5000 STRING Start-Process msfpayload.exe DELAY 3000 ENTER DELAY 300

Search

Fulltext results: