Tag: windows

Backdoors

A stealthy Python based Windows backdoor that uses Github as a C&C server

CanisRufus is a stealthy Python-based Windows backdoor that uses GitHub as a command and control server. – https://github.com/maldevel/canisrufus The red wolf (Canis rufus or Canis lupus rufus), also known as the Florida wolf or Mississippi Valley wolf, is a canid of unresolved taxonomic identity native to the eastern United States. It is generally, morphologically, …

Exploitation, Training

Compile a simple vulnerability on modern Windows

Visual Studio 2015 Open Visual Studio. Project Properties -> General -> Platform Toolset: Visual Studio 2010 (v100) or Windows7.1SDK Project Properties -> C/C++ -> Optimization -> Optimization: Disabled (/Od) Project Properties -> C/C++ -> Code Generation -> Security Check: Disable Security Check (/GS-) Project Properties -> C/C++ -> Advanced -> Compile As: Compile as C …

C/C++, Hacking, Post-Exploitation, Programming

Generating a unique machine id

The following code snippets are from the Post-recon project. This project is a work in progress. You can check GitHub for the full source code; here I will just point out the most interesting parts. Current source code Generate computer unique ID Architecture Windows OS version CPU GPU Is admin? Motherboard Chassis type Username PC name …

C/C++, Programming

Build Standalone Qt Application for Windows

Download Visit http://info.qt.io/download-qt-for-application-development Select “Get your open source package“ Click “View All Downloads“ Download source package for Windows users as a single zip file (565 MB) Build a static version of Qt using Microsoft Visual Studio Download and Install Perl (http://www.activestate.com/activeperl/downloads). Download and Install Python (https://www.python.org/downloads/). Make sure that Microsoft Visual Studio is installed. Create …

Hardening, Microsoft Windows server 2016

Windows Server Hardening – Account Policies

The following were tested on Windows Server 2016 (screenshots included). Account Policies Password Policy 1. Ensure ‘Enforce password history’ is set to ‘24 or more password(s)’ Description: This policy setting determines the number of renewed, unique passwords that have to be associated with a user account before you can reuse an old password. The value …

Rootkits

Windows Drivers

WDK - Windows Driver Kit The Windows Driver Kit gives you the tools you need to develop, build, package, deploy, test, and debug drivers. You can run many basic certification tests in the integrated environment. The Windows Driver Kit (WDK) includes templates for several technologies and driver models, including Windows Driver Frameworks (WDF), Universal Serial Bus (USB), …

Debian

How to mount Windows share on Debian

Install mount.cifs mount.cifs mounts a Linux CIFS filesystem. It is usually invoked indirectly by the mount command when using the “-t cifs” option. This command only works in Linux, and the kernel must support the cifs filesystem. The CIFS protocol is the successor to the SMB protocol and is supported by most Windows servers and …

C

c – Output coloured text to a Windows terminal

The GetStdHandle function retrieves a handle to the specified standard device (standard input, standard output, or standard error). The GetConsoleScreenBufferInfo function retrieves information about the specified console screen buffer. The SetConsoleTextAttribute function sets the attributes of characters written to the console screen buffer by the WriteFile or WriteConsole function, or echoed by the ReadFile or ReadConsole function. This …

Microsoft Windows

How to delete a folder in use

1. Start Process Explorer from the Sysinternals suite. 2. Press Ctrl+F to open the Search window. 3. Search for the name of the folder you want to delete but which is in use. 4. Kill all the processes that use this folder. 5. Delete the folder. https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx https://technet.microsoft.com/en-us/sysinternals/bb842062