-
Recent Posts
- Shellcode: Windows on ARM64 / AArch64
- Delegated NT DLL
- WOW64 Callback Table (FinFisher)
- Shellcode: Linux on RISC-V 64-Bit
- MiniDumpWriteDump via COM+ Services DLL
- Shellcode: In-Memory Execution of JavaScript, VBScript, JScript and XSL
- Shellcode: In-Memory Execution of DLL
- Shellcode: Loading .NET Assemblies From Memory
- Shellcode: A reverse shell for Linux in C with support for TLS/SSL
- How the L0pht (probably) optimized attack against the LanMan hash.
Tag Archives: x64
Delegated NT DLL
Introduction redplait and Adam/Hexacorn already documented this in 2017 and 2018 respectively, so it’s not a new discovery. Officially available since RedStone 2 released in April 2017, redplait states it was introduced with insider build 15007 released in January 2017. … Continue reading
Posted in data structures, security, windows
Tagged amd64, ARM64, hacking, internals, shellcode, structures, windows, x64, x86
Leave a comment
WOW64 Callback Table (FinFisher)
Introduction Ken Johnson (otherwise known as Skywing) first talked about the KiUserExceptionDispatcher back in 2007 . Since then, scattered around the internet are various posts talking about it, but for some reason nobody demonstrating how to use it. It’s been … Continue reading
Posted in assembly, data structures, programming, security, windows
Tagged windows, x64, x86
1 Comment
modexp 