#nosoc blog
Expect the unexpected
Shellcode Injection Part 3
Shellcode injections are generally used to start a reverse shell. In some circumstances, however, it is better to keep the injected code small and load the actual payload in a second stage.
In this blog post, I show how a shellcode injection can be used to download a file via HTTP and then execute it.
Shellcode Injection Part 2
In part 1 of the shellcode injection series, we started a reverse shell from a local process. In part 2, we inject the shellcode directly into another process. This form of injection is usually detected by Windows Defender, so we again use some obfuscation methods.
We use a 64-bit shellcode and (with one exception) the same tools as in part 1. You can download the source code from the GitHub repository.
Shellcode Injection Part 1
In this series of articles, we look at shellcode, how to inject it into processes, and some techniques for obfuscating binary files. In the first part, we look at how to execute shellcode from within a local process. In addition, we disguise the program so that Defender no longer recognises it as a threat.
You can find all the required files in the repository.
Buffer overflow in the 64-bit stack - Part 3
In Part 2 we passed the string /bin/zsh to the function system() to open a root shell. To do this, however, we had to deactivate ASLR, which randomises the base addresses of the stack and of loaded libraries, and with them the address of system(), every time the program is started. Superkojiman describes in detail in his blog how to bypass this protection. But first we have to look at a few things.
The third part of the Buffer Overflow series.
Privilege escalation: Windows admin thanks to Linux
In this tutorial, I show how to obtain administrator rights on a Windows PC using a Linux live boot CD. We simulate two scenarios:
- activating an admin account
- adding an ordinary user to the Administrators group
We do this by editing the SAM (Security Accounts Manager) database offline from a live Linux system, while Windows is not running.