h3xduck
|
748062f464
|
Adapted memory analysis to larger memory addresses inside the virtual address space. Solved bugs and others, adapting code for RELRO.
|
2022-04-04 17:07:45 -04:00 |
|
h3xduck
|
8f28c3a883
|
Updated helpers and added resources to help with lib injection
|
2022-03-24 15:40:05 -04:00 |
|
h3xduck
|
9647972531
|
Finished extraction of stack return address
|
2022-03-17 13:18:19 -04:00 |
|
h3xduck
|
671e2d671d
|
Added extraction of original jump instruction and opcodes
|
2022-03-15 18:36:59 -04:00 |
|
h3xduck
|
e64839f080
|
Added new libc symbols extraction
|
2022-03-02 19:00:50 -05:00 |
|
h3xduck
|
805fa760cf
|
Corrected issues of opening directories without permission in execve helper
|
2022-02-24 19:53:11 -05:00 |
|
h3xduck
|
b182ac1eeb
|
Added new TC module, updates to the exec hooking system and the userland module
|
2022-02-20 16:50:15 -05:00 |
|
h3xduck
|
1ec4ed8486
|
Now the execve hijacker works without needing a canalizer. Removed it. Also some additional tweaks to the c&c launching of the helper
|
2022-02-19 11:57:32 -05:00 |
|
h3xduck
|
130364e6ab
|
Added support for integrating the execution hijacker via the rootkit. Still some work to do, also changed some config from fs which needs to be reverted
|
2022-02-18 09:08:54 -05:00 |
|
h3xduck
|
0e022a8385
|
Completed execution of arbitrary commands sent from the backdoor client
|
2022-02-18 04:06:18 -05:00 |
|
h3xduck
|
b68e01c057
|
Finished pseudo-connection between client and rootkit backdoor. Updated library to latest version.
|
2022-02-18 03:32:07 -05:00 |
|
h3xduck
|
431a019931
|
Updated my RawTCPLib library with newest version supporting sniffing for payloads. Also new data in preparation for complete RCE module
|
2022-02-16 19:38:39 -05:00 |
|