SLAE32 #1Bind TCP shell

Commenti

Posta un commento

Post popolari in questo blog

C++ Reverse Shell attempting obfuscation while dynamically loading API.

Immagine
 C++ Reverse Shell Attempting Obfuscation While Dynamically Loading Windows API This time, I wrote a Reverse Shell in C++, attempting to bypass AV by loading Windows APIs dynamically. Sadly, this time I could not use antiscan.me to test this Shell since that site is not working anymore. The Reverse Shell uses the following Windows API: LoadLibraryA GetProcAddress WSAStartup WSASocketA WSAConnectA CreateProcessA ExitProcess Every API has been loaded dynamically to try to bypass AV controls. Loading Windows API Dynamically: How to Read the Following Paragraph // Creating the signature of the function // Creating an instance of the function // Calling the function  LoadLibraryA Becomes loader using loader = HMODULE(__stdcall*)(LPCSTR); loader loader_a = reinterpret_cast<loader>((FARPROC)GetProcAddress(LoadLibraryA(x), "LoadLibraryA")); getter getter_a = reinterpret_cast<getter>((FARPROC)GetProcAddress(loade
Continua a leggere

Unveiling CVE-2024-44777, CVE-2024-44778, and CVE-2024-44779

Immagine
Unveiling CVE-2024-44777 , CVE-2024-44778 , and CVE-2024-44779 How Curiosity and Boredom Can Lead to Discovering Unknown Vulnerabilities In this discussion, I will focus on vTiger CRM 7.4.0, an older version of the CRM platform that, despite its age, remains an important research target.  I discovered a Reflected XSS vulnerability in this version, which is especially concerning since there is no public CVE associated with it.so many users are likely unaware of this security risk.
Continua a leggere

Notes on an ASM X64 Reverse Shell

Immagine
  Notes an ASM X64 Reverse Shell This article is a collection of Resources that i used to create a x64 reverse shell in pure ASM. Furthermore you can find the code that I wrote commented line by line.   The Resources: The starting point Windows X64 calling convention GetProcAddress WSAstartup WSASocketA Sockaddr WSAConnect CreateProcessA STARTUPINFOA ExitProcess The Steps: Finding Kernel32.dll Address Parsing Kernel32.dll to find GetProcAddress API  Using GetProcAddress to find LoadLibrary API Loading the ws2_32.dll Using GetProcAddress to locate and store WSAStartup address Using GetProcAddress to locate and store WSASocketA address Using GetProcAddress to locate and store WSAConnect address Using GetProcAddress to locate and store CreateProcessA address Using GetProcAddress to locate and store ExitProcess address Calling WSAstartup() Calling WSASocketa() Creating the sockaddr structure Calling WSAConnect() Pushing cmd.exe string to stack Setting STARTUPINFOA Structure Calling CreateP
Continua a leggere