Suche
Unten sind die Ergebnisse Ihrer Suche gelistet.
Passende Seitennamen:
Volltextergebnisse:
- Reset the registry at an earlier point in time @en:windows
- thing at this point is that we get access to the file system. ===== Rename and save the old registry =... \Windows\system32\config and rename the following files: - SAM - SECURITY - software - default ... alled Snapshot. This is exactly where we find the files we need: - _REGISTRY_USER_.DEFAULT - _REGIS... restart. If the problem still persists, the process must be repeated with slightly older registry files.
- Obfuscation: polymorphic in-memory decoder @en:it-security:blog
- ep: - We extract the actual shellcode from the file ''%%calc.o%%'' and save it in ''%%calc.raw%%'' (f... ur code and prepare it for our ''%%Inject.cpp%%'' file: <code python> python shencode.py output -f xor-... xor-decoder.stub -fb 60 -lb 329 [*] try to open file [+] reading xor-decoder.o successful! [*] cutting... key 63 python shencode.py create --xor-stub --xor-filename xor.out --xor-outputfile stub.raw --xor-key 6
- Obfuscation: Disguise shellcode as UUIDs @en:it-security:blog
- something like this: <code cpp> [*] try to open file [+] reading 240906.001 successful! [*] try to gen... the victim system. After the copying process, the file is not recognised. We scan it once manually with ... ooks good. ==== Execute ==== We now execute the file and wait for the result. Unfortunately, nothing ... ==== The UUID obfuscation works and protects the file when accessing the hard drive. After execution, m
- Privilege escalation: Windows admin thanks to Linux @en:it-security:blog
- ]] After the download you have to port the image file to a bootable USB stick or DVD. To ensure that th
- Buffer overflow in the 64-bit stack - Part 2 @en:it-security:blog
- per and display the gadgets <code bash> ropper --file bof-part2 ... 0x000000000040116a: pop rdi; ret; .... ll need 2 offsets for the exploit. So we load our file into the debugger and start it: <code bash> gdb-... === Now we run our Python exploit and create the file in.txt. <code bash>python2 buffer.py</code> \\ \\ ==== Set authorisations ==== Our file still needs the appropriate root permissions. <c
- Buffer overflow in the 64-bit stack - Part 3 @en:it-security:blog
- h>psycore8/nosoc-bof/tree/main/part-3|Github]]. <file c bof-part3.c> /* Code https://blog.techorganic.c... setbuf(stdout, 0); vuln(); return 0; } </file> \\ \\ ===== Debug ===== {{page>en:vorlagen:att... s write a first exploit to ''write()'' to leak. <file python buf3-stage1.py> #!/usr/bin/env python fro... # POP Argumente buf += p64(constants.STDOUT_FILENO) # stdout buf += p64(bin.got[b'write'])
- Shellcode Injection Part 4 @en:it-security:blog
- ode> <callout type="info" icon="true"> Opens the file ''windir\syswow64\kernel32.dll'' in PEView. This ... > Then it is worth taking a look at the compiled file: <code> objdump -d calc-unsanitized.o </code> {... .o -s c </code> The command provides us with the file in C format syntax. We know that our shellcode st
- Linux Commands Cheatsheet @en:linux
- ete user | | whoami | Output current user | ==== File and directory management ==== ^ Command ^ Commen... | Change owner | | cp -r newdir/* olddir/ | Copy files recursively | | 'cp' -rf dir/{*,.??*} /dir/ | hidden files and aliased cp -i will be copied | | du -hs <dir... tory size | | du -h * %%|%% sort -hr > /home/user/filelist.txt | File list sorted by size | | echo bla >
- Host Discovery with Metasploit database @en:it-security
- bases 'msf' and 'msf_test' Creating configuration file in /usr/share/metasploit-framework/config/databas
- $whoami @en:user
- n-32x32.png}} bluesky.com | [[https://bsky.app/profile/psycore8.bsky.social|psycore8]] | | {{https://git
- Shellcode Injection Part 2 @en:it-security:blog
- , this alone was not enough, so that the compiled file was recognised directly. Nevertheless, I also use... ated by the ''%%function_encoder.py%%'' generated file ''%%output.bin%%''. \\ \\ ==== Obfy ==== Jigsaw ... s Defender could no longer recognise the compiled file. I didn't even have to do much. It was enough to
- Shellcode Injection Part 1 @en:it-security:blog
- cesses and some techniques for obfuscating binary files. In the first part, we look at how to inject she... es it as a threat. You can find all the required files in the [[en:it-security:blog:shellcode_injection... should be in C format | | > shell.c | Save to the file shell.c | <code bash> msfvenom -p windows/shell_... tes. We take this from the ''msfvenom'' output. <file cpp local-process-injection.cpp> #include <stdio.
- The importance of awareness in IT security @en:it-security:blog
- romised. The trigger was a double-click on an ISO file that was sent as an attachment in an email. Windo... k methods === In this particular example, an ISO file was included. This is only symbolic for the time
- Buffer overflow in the 64-bit stack - part 1 @en:it-security:blog
- The Shellcode((http://shell-storm.org/shellcode/files/shellcode-77.html)) is stored in an environment ... ==== First we set root rights to the vulnerable file and start it((https://blog.techorganic.com/2015/0... bof-dism-5.png?600|root Shell!}}] \\ \\ ^ Project files | {{ it-security:nosoc-repo-bof64.zip |}}<label
- Shellcode Injection Part 3 @en:it-security:blog
- ow how we can use a shellcode injection to load a file via HTTP and then execute it. \\ \\ ===== Code =... assembly === The code executes a downloaded VBS file. However, we want to start a Python script that c... tylus> ;Zeile 143 / +7 marks the beginning of the filename (WindowsAgent.py) lea edx, [esi + 7] ;Zeile... reate the shellcode as ''%%x86 Windows%%'' binary file. We do this with ''%%nasm%%'': <code bash> nasm