Explore >> Select a destination
|
You are here 
|
scorpiosoftware.net | ||
| | | | |
randomascii.wordpress.com
|
|
| | | | | I've written previously about the importance of crashing in order to improve code quality. However even the seemingly simple task of crashing can be more error prone than you might expect. I've recently become aware of two different problems that can happen when crashing in 64-bit Windows. There is a Windows bug which can make... | |
| | | | |
m417z.com
|
|
| | | | | A couple of weeks ago, Windhawk, the customization marketplace for Windows programs, was released. You can read the announcement for more details and for the motivation behind creating it. In this post, I'll focus on my journey in implementing the technical aspects of Windhawk. If you prefer reading code to reading text, check out the demo implementation. | |
| | | | |
blog.jitendrapatro.me
|
|
| | | | | [AI summary] The user is asking for a detailed explanation of how to bypass the root detection in the OWASP Uncrackable Android App. The solution involves two main approaches: using Frida to hook and modify the System.exit(0) call, and using jdb to set breakpoints and alter the behavior of the app. The user also provides code snippets and commands for both methods, highlighting the steps needed to achieve the goal. | |
| | | | |
0xdf.gitlab.io
|
|
| | | I loved Sizzle. It was just a really tough box that reinforced Windows concepts that I hear about from pentesters in the real world. I'll start with some SMB access, use a .scf file to capture a users NetNTLM hash, and crack it to get creds. From there I can create a certificate for the user and then authenticate over WinRM. I'll Kerberoast to get a second user, who is able to run the DCSync attack, leading to an admin shell. I'll have two beyond root sections, the first to show two unintended paths, and the second to exploit NTLM authentication over HTTP, and how Burp breaks it. | ||
