-
Hi
I have a question:
How can I change the exe or other payload formats to ./sc.exe, for example
exe to ./exe
or b.dll to ./b.dll
Thanks
regards
-
Is it possible to highlight a heap in someone else's process?
-
Requesting config extraction for Ursnif. I am able to get the final Ursnif payload that's injected into Explorer.exe using CAPE extraction and a yara rule. I've done some RE and have the functions tha…
enzok updated
6 years ago
-
Hi,
I tried to search for the "call esp" gadget. It was not found.
On the other hand, when I used the "ropchain virtualprotect" command, the "call esp" gadget was found in the gadgets.
(a.exe/PE/x86)> search call e…
-
Trying to follow http://www.miasm.re/blog/2016/02/12/dynamic_shellcode_analysis.html#deeper-in-the-shellcode, but it failed to load the dll files, and only works if I set it to load only one.
Tried…
-
Hi. Is there a way to handle standard library calls made by a binary?
I cannot seem to disassemble the function directly from miasm.
-
I am trying to customize my rule set for snort. Here is what my files look like:
disablesid.conf: `pcre:.`
enablesid.conf: `pcre:'server-apache'`
`sudo ./pulledpork.pl -PE -v -c /etc/snort/pul…
-
I have a MIPS 32 bit ELF executable but I can't really figure out how to disassemble it. No matter what start address I provide, I'm always getting the following warning
WARNING: cannot disasm (guess…
-
Author: Joshua Pitts
Email: the.midnite.runr[-at ]gmailcom
Twitter: @midnite_runr
IRC: freenode.net #BDFactory
Version: 3.4…
-
## Steps to reproduce
Python 2.7.12rc1
Linux kali 4.5.0-kali1-686-pae #1 SMP Debian 4.5.5-1kali1 (2016-06-06) i686 GNU/Linux
Framework Version: 4.12.7-dev
Hi, I use the payload meterpreter/reverse_tcp
``…