☢️ Malware development: persistence - part 1. Registry run keys. C++ example.
☢️ Malware development: persistence - part 2. Screensaver hijack. C++ example.
☢️ Malware development: persistence - part 3. COM DLL hijack.
☢️ Malware development: persistence - part 4. Windows services. Simple C++ example.
☢️ Malware development: persistence - part 5. AppInit_DLLs. Simple C++ example.
☢️ Malware development: persistence - part 6. Windows netsh helper DLL. Simple C++ example.
☢️ Malware AV evasion: part 7. Disable Windows Defender. Simple C++ example.
☢️ Malware AV evasion - part 8. Encode payload via Z85 algorithm. C++ example.
☢️ Malware AV evasion - part 9. Encrypt base64 encoded payload via RC4. C++ example.
☢️ Malware AV/VM evasion - part 10: anti-debugging. NtGlobalFlag. Simple C++ example.
☢️ Malware AV/VM evasion - part 11: encrypt payload via DES. Simple C++ example.
☢️ Malware AV/VM evasion - part 12: encrypt/decrypt payload via TEA. Simple C++ example.
☢️ Malware AV/VM evasion - part 13: encrypt/decrypt payload via Madryga. Simple C++ example.
☢️ Malware AV/VM evasion - part 14: encrypt/decrypt payload via A5/1. Bypass Kaspersky AV. Simple C++ example.
☢️ Malware AV/VM evasion - part 15: WinAPI GetModuleHandle implementation. Simple C++ example.
☢️ Malware AV/VM evasion - part 16: WinAPI GetProcAddress implementation. Simple C++ example.
☢️ Malware AV/VM evasion - part 17: bypass UAC via fodhelper.exe. Simple C++ example.
☢️ Malware AV/VM evasion - part 18: encrypt/decrypt payload via modular multiplication-based block cipher. Simple C++ example.
☢️ Malware development: persistence - part 22. Windows Setup. Simple C++ example.
☢️ Malware and cryptography 1: encrypt/decrypt payload via RC5. Simple C++ example.
☢️ Malware and cryptography 20: encrypt/decrypt payload via Skipjack. Simple C++ example.
☢️ Malware and cryptography 21: encrypt/decrypt payload via WAKE. Simple C++ example.
☢️ Malware development: persistence - part 23. LNK files. Simple Powershell example.
☢️ Malware development: persistence - part 24. StartupApproved. Simple C example.
☢️ Malware and cryptography 22: encrypt/decrypt payload via XTEA. Simple C++ example.
☢️ Malware and cryptography 23: encrypt/decrypt file via TEA. Simple C/C++ example.
☢️ Malware and cryptography 24: encrypt/decrypt file via Madryga. Simple C/C++ example.
☢️ Malware and cryptography 25: encrypt/decrypt payload via RC6. Simple C/C++ example.
🧠 t.me/Devexploit
Give me admin rights, I'll ban the bots
It's a good group, it would be sad if it drowned in spam
and a writeup on it (only the reversing and finding the vulnerabilities)
https://github.com/Sh3lldon/WinPWN/tree/main/Reaper
So, the first part of the Reaper challenge on vulnlab completed! w00t w00t. BTW it is an insane-level Windows x64 Binary Exploitation challenge. The second part will be about Windows Kernel Driver Exploitation. 😈
After reading this article I decided to try using the adsprpc driver by accessing /dev/adsprpc-smd. But I got an EACCES error. As I understand it, access to the file is denied through SELinux. How does the exploit gain access to the driver?
https://www.google.com/amp/s/www.bleepingcomputer.com/news/security/qualcomm-patches-high-severity-zero-day-exploited-in-attacks/amp/