Reverse Dungeon
https://alexaltea.github.io/blog/posts/2016-10-12-xchg-rax-rax-solutions/
Solutions of xchg rax,rax
Forwarded from BlankRoom
Telegram RCE
🆘🆘🆘ATTENTION 🆘🆘🆘
URGENTLY DISABLE AUTOLOADING MEDIA ON ALL DEVICES WHERE THE TELEGRAM DESKTOP IS INSTALLED
🆘🆘NOT A TRAINING ALARM 🆘🆘
Settings - Advanced settings - In personal chats, groups, channels, DISABLE ALL CHECKS IN ALL AUTOLOAD MEDIA ITEMS
The RCE that was found is triggered through the video player in Telegram. Therefore, the safest solution is to disable auto-downloading of files.
Information about the exploit itself is currently known only in narrow circles.
https://vimeo.com/932147196
@Bl4nk_Room
Forwarded from Hattori Hanzo
ASSESSING AND EXPLOITING CONTROL SYSTEM AND IIOT.7z
477.2 MB
ASSESSING AND EXPLOITING CONTROL SYSTEM AND IIOT (2020)
Blackhat USA 2020
https://www.blackhat.com/us-20/training/schedule/listing.html#assessing-and-exploiting-control-system-and-iiot-19234
Forwarded from کانال بایت امن
#Webinar
Malware Development Workshop
Speakers: Uriel Kosayev, Pavel Yosifovich | TrainSec.net
What you will learn in the workshop
1. What is Malware Analysis
2. What is Malware Development
3. The Malware Development Life Cycle
4. Why it's important for Red Teamers and Blue Teamers
5. Practical Malware Reverse Engineering and Development Examples
The Malware Development webinar with Uriel Kosayev and Pavel Yosifovich will be held on April 17.
For more information, click the link in the title.
🦅 Bayt Amn channel | Bayt Amn group
_
"Windows Address Translation Deep Dive – Part 1"
First of all, we need to go back to the past – the 16-bit era – and take a look at memory segmentation. A feature which still exists today on modern processors but is thankfully ignored on x64 processors when operating in long mode. Although, before we take a look at that, it’s important to recognise that there are three fundamental memory models: physical, flat (sometimes called linear) and segmented. Along with this, there are three modes of operation which the processor can be in: real mode, protected mode and system management mode (SMM).
https://bsodtutorials.wordpress.com/2021/06/14/windows-address-translation-deep-dive-part-1/
Differences in Memory Models
Differences in Modes:
+Real Mode
+Protected Mode
Privilege Levels
Paging and Segmentation
"Windows Address Translation Deep Dive – Part 2"
In the first part of this post series, we looked at how segmentation worked and how a virtual address (linear address) was constructed. In this part we will explore how our linear address is translated by the memory management unit (MMU) to a physical address and the structures which Windows uses to manage this process.
https://bsodtutorials.wordpress.com/2024/04/05/windows-address-translation-deep-dive-part-2/
VMProtect Analysis
https://shhoya.github.io/vmp_vmpintro.html#0x01-requirements
Beginner guide to game hacking (Guidedhacking)
Link
How to Unpack VMProtect Tutorial - no virtualization
Link
A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
https://github.com/Karkas66/CelestialSpark
OALABS Research
Lumma Stealer Obfuscation
https://research.openanalysis.net/lumma/obfuscation/cff/ida/2024/04/07/lumma-cff.html
Forwarded from PT SWARM
🏭 We've tested the new RCE in Microsoft Outlook (CVE-2024-21378) in a production environment and confirm it works well!
Brief instructions for red teams:
1. Compile our enhanced DLL;
2. Use NetSPI's ruler and wait!
No back connect required!
🔥 📐📏
Many asked about the VMProtect situation, so I decided to share
RE504 from OALabs
Contents:
01 - How To Unpack VMProtect Malware - Part 1
02 - How To Unpack VMProtect Malware - Part 2
03 - How To Unpack VMProtect Malware - Part 3
04 - How To Unpack VMProtect 3 (x64) Night Sky Ransomware (final)
Forwarded from Proxy Bar
CVE-2024-21378 Microsoft Outlook Remote Code Execution
* A description of how it works is inside the file
* POC exploit
#outlook #exploit
Forwarded from Source Byte (Anastasia 🐞)
ETW series
[ 1 ] ETW visualization
[ 2 ] Uncovering Windows Events
[ 3 ] ETW internals for security research and forensics
[ 4 ] Exploiting a “CVE-2020-1034” Vulnerability – In 35 Easy Steps or Less!
[ 5 ] Design issues of modern EDRs: bypassing ETW-based solutions
[ 6 ] A Primer On Event Tracing For Windows (ETW)
[ 7 ] Windows 10 ETW Events references collection
[ 8 ] evading EDR book [ 1 ] , [ 2 ]
[ 9 ] Detecting In-Memory Threats with Kernel ETW Call Stacks
[ 10 ] Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
[ 11 ] A Beginners All Inclusive Guide to ETW
[ 12 ] ETW References
[ 13 ] Give Me an E, Give Me a T, Give Me a W. What Do You Get? RPC! (parses events from the RPC ETW provider)
[ 14 ] Attacks on ETW Blind EDR Sensors ( black hat con )
[ 15 ] This write-up will present a case study of using ETW (Event Tracing for Windows) to analyze an active Cobalt Strike Beacon that was still communicating with its C2 server.
[ 16 ] Event Tracing for Windows (ETW): Your Friendly Neighborhood IPC Mechanism
[ 17 ] Understanding ETW Patching
[ 18 ] coming soon...
———
@islemolecule_source
Post updated:
[ 17 ] Understanding ETW Patching added to the list
obfus.h is a macro-only library for compile-time obfuscation of C applications, designed specifically for the Tiny C Compiler (tcc). It is tailored for Windows x86 and x64 platforms and supports all versions of the compiler.
https://github.com/DosX-dev/obfus.h