Hacking

Hacking

177 bookmarks
Custom sorting
SELinux bypasses | Klecko Blog
SELinux bypasses | Klecko Blog
This post aims at giving an overview of what SELinux is, how it is implemented, and how to bypass it, from the point of view of Android kernel exploitation.
·klecko.github.io·
SELinux bypasses | Klecko Blog
Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)
Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)
In this blog post, I will explain a vulnerability in the Microsoft Windows Desktop Windows Manager (DWM) Core library that I analyzed when the exploit for Core Impact was being developed. This vulnerability allows an unprivileged attacker to execute code as a DWM user with Integrity System privileges (CVE-2024-30051).
·coresecurity.com·
Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)
Malware development part 1 - basics – 0xPat blog – Red/purple teamer
Malware development part 1 - basics – 0xPat blog – Red/purple teamer
Introduction This is the first post of a series which regards development of malicious software. In this series we will explore and try to implement multiple techniques used by malicious applications to execute code, hide from defenses and persist. Let’s create a C++ application that will run malicious shellcode while trying to not be caught by AV software. Why C++ and not C# or PowerShell script? Because it’s much more difficult to analyze compiled binary when compared to managed code or script. For the purpose of this and following articles we will use MS Visual Studio 2017 or 2019 on Windows 10.
·0xpat.github.io·
Malware development part 1 - basics – 0xPat blog – Red/purple teamer
emproof-com/nyxstone: Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com
emproof-com/nyxstone: Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com
Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com - emproof-com/nyxstone
·github.com·
emproof-com/nyxstone: Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com
How I hacked smart lights: the story behind CVE-2022-47758
How I hacked smart lights: the story behind CVE-2022-47758
Introduction In this blogpost, we take a closer look at our research regarding CVE-2022-47758: a critical vulnerability impacting a very large number of Internet of Things smart devices. We could leverage this vulnerability in the lamp's firmware for unauthenticated remote code execution on the entire device with the highest privileges
·pwning.tech·
How I hacked smart lights: the story behind CVE-2022-47758
Persistence Techniques That Persist
Persistence Techniques That Persist
Abstract Once threat actors gain a foothold on a system, they must implement techniques to maintain that access, even in the event of restarts, updates in credentials or any other type of change...
·cyberark.com·
Persistence Techniques That Persist