Suche
Unten sind die Ergebnisse Ihrer Suche gelistet.
Volltextergebnisse:
- Buffer overflow in the 64-bit stack - Part 3 @en:it-security:blog
- we used the string ''/bin/zsh'' to the function ''System()'' function to open a root shell. To do this, ho... urity:blog:bof-part3-header.jpg?500 |}} In Linux systems, dynamic programme libraries are usually used. T... gramme, but can simply access the function of the system, which, for example, is stored in ''libc'' for ex... GOT, we overwrite an address with the one from ''system()''so that we can issue a system command when cal
- Buffer Overflows - Intro
- nd dangerous security vulnerabilities in computer systems. This vulnerability allows an attacker to overwr... overflows work, discuss their impact on computer systems and discuss various preventative measures. \\ \\... ult in an attacker taking control of the affected system, executing malicious code, spying on confidential data or completely disrupting the system's service. In critical environments, such as in t
- Buffer overflow in the 64-bit stack - Part 2 @en:it-security:blog
- .org/wiki/C-Standard-Bibliothek|libc-Funktion]] ''system()'' is forwarded. This tutorial is fundamentally ... AA') RSP: 0x7...fdde0 --> 0x7ffff7e17920 (<__libc_system>: test rdi,rdi) # system("/bin/sh") RIP: 0x400469 (<_init+25>: ret) </code> \\ \\ ===== Dependenci... it: <code bash> gdb-peda$ start ... gdb-peda$ p system $1 = {int (const char *)} 0x7ffff7e17920 <__libc_
- Group Managed Service Accounts
- UTERNAME>$ </code> ==== test ==== On the target system: <code powershell> Test-ADServiceAccount <ACCOUN... le reports ''True'' === For errors on the target system === The RSAT tools may need to be activated. Sta... in AD, or as a local administrator on the target system. ===== Services ===== Services can now be provi
- FatCat Attack PoC @en:it-security:blog
- tom-payloads)) | |::: | Enumeration | **Enumerate System Info** JAWS((https://github.com/411Hall/JAWS)), S... etasploit Handler}}] \\ ==== Access to the target system ==== * With the pinball machine, the following script is executed on the target system <code dos> WINDOWS r DELAY 2000 STRING powershel
- Privilege escalation: Windows admin thanks to Linux @en:it-security:blog
- de>Security_Accounts_Manager]] using a live Linux system. \\ \\ ===== Initial situation ===== On a Windows system, the users ''users'' and ''sysadmin'' are created... the SAM directory. <code bash> cd ~/win/Windows/System32/config </code> \\ \\ ===== Manipulation of the
- OSI layer cyber attacks
- fc1: Firewall filtering, [[wp>Intrusion_Detection_System|IDS]], [[wp>Intrusion_Prevention_System|IPS]], prevent IP address spoofing via the router | | @lightsalmo
- Obfuscation: Disguise shellcode as UUIDs @en:it-security:blog
- ==== We start a Metasploit handler on the attack system to receive the reverse shell: <code ruby> msf6 >... 64-bit programme. We then copy this to the victim system. After the copying process, the file is not recog
- Helpful NMAP scanner commands
- <code bash> nmap-sn 192.168.0.1/24 </code> ==== Systematic scan ==== <code bash> nmap -e tun0 -PE -sn -
- Secure passwords
- l hardware - Card-supported password management systems - Password programmes I will go into the passw
- SMB Hardening
- Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameter
- The importance of awareness in IT security @en:it-security:blog
- y_Operations_CenterSOC]] | Guidelines, management systems | Awareness | In our case, no emphasis was plac
- Obfuscation: ByteSwapping @en:it-security:blog
- e conditions for the end of the loop are met, the system jumps directly to the decrypted shellcode and exe
- Shellcode Injection Part 2 @en:it-security:blog
- Metasploit uses ROR13 (Rotate Right 13) to hash system addresses. We turn ROR13 into ROL33 (Rotate Left