Introduction This blog post will explore how to embed malicious payload into the RDP configuration file. By leveraging the innate properties of the file extensions and specific RDP configuration parameters, I have successfully injected malicious content without impeding the file’s intended functionality. Today’s topic delves into the technical details of this defense evasion technique and … Read more
MITRE : CVE-2022-46637 Advisory: exploit Intro Last October, I was planning to visit the philippine to get some rest away from work and life pressure. And I would say that was a great direction to relax and enjoy the beauty of nature. It was a joyful stay, But I was struggling with the quality of … Read more
introduction and here we are in part three of this series, and in this blog post, I am going to finish the operational part of our c2c that includes a stable demo with a very straightforward execution flow. before start explaining the topic for today, there are some questions asked about why I want the … Read more
In memory of Terry Davis (August 11, 2018) an idiot admire complexity, a genius admires simplicity Terry Davis In this part, I will continue developing the team server for the operator side and designing the operator GUI interface. since the topic will contain several cod blocks, I have done the workshop videos via twitch and … Read more
Introduction Over a while, the development of c2c has increased rapidly, including the number of new commercial frameworks, which I will not mention because I am not here to advertise any, and there are awesome open-sourced projects such as sliver, Covenant, and many more. In this article, I will shed light on the uncovered offensive … Read more
What is Zero Trust Security? Zero Trust security is an IT security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter. ZTNA is the main technology associated with Zero Trust architecture, but Zero Trust is a holistic … Read more
Malwarebytes provides a support tool that automatically repairs and fixes software issues and broken configurations, that’s actually common for anti-malware software to assist their customers to do that. after navigation into HelpCenter inside the Malwarebytes interface, you need to download the software package which will do self-extraction and requires elevated permission to continue running. since … Read more
Intro a recent code execution vulnerability targeting office365 using unpatched vulnerability which allows client-side command execution via ms-msdt protocol. the first appearance of wild exploitation comes from the submitted sample over Virus- total. according to Microsoft security response center announcement, An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of … Read more
https://github.com/0xsp-SRD/mortar Words to say I released the Mortar loader a couple of months ago, and it was good results in defeating and diverting advanced AV(anti-virus) solutions. However, even after many vendors pushed some updates to detect the loader, it was easy to compile an undetectable version by changing some code lines.,And here I am pointing … Read more
Research Agenda Part1 – porting the backdoor for windows (READY) Part2 – porting the backdoor for Linux/Unix (IN PROGRESS) Part3 – hiding the process (IN PROGRESS) Part4 – provision of techniques (IN PROGRESS) RootKits Definitions According to Greg Hoglund, a rootkit is “a set of programs and code that allows a permanent or consistent, undetectable presence on a … Read more