Be better than yesterday -
This video showcases how several publicly available tools were modified and a template C++ file was customised to perform shellcode process injection that bypasses Windows Defender, obtaining a fully functional reverse shell on a victim's Windows machine.
A .DLL payload file that performs shellcode process injection with AES encryption was generated by cross-compilation on a Kali machine, using references from a publicly available GitHub repository.
The video provides a step-by-step walkthrough guide and a practical demonstration on how you can generate a .DLL payload file in C++ that will achieve a Meterpreter reverse shell on a Windows machine that has Windows Defender running.
The video also provides a high-level explanation of why .DLL payload files are useful, and shares an article which discusses a practical use case referencing Microsoft Teams, whereby .DLL payload files can be leveraged for persistence and proxy execution.
GitHub repository reference:
https://github.com/TheD1rkMtr/Shellcode-Hide
Microsoft Teams article reference:
https://milosilo.com/hacking/microsoft-teams-proxy-dll-hijacking/#:~:text=DLL%20Hijacking%20using%20a%20proxy,commands%20to%20the%20intended%20dll.