-
Recent Posts
- Shellcode: Windows on ARM64 / AArch64
- Delegated NT DLL
- WOW64 Callback Table (FinFisher)
- Shellcode: Linux on RISC-V 64-Bit
- MiniDumpWriteDump via COM+ Services DLL
- Shellcode: In-Memory Execution of JavaScript, VBScript, JScript and XSL
- Shellcode: In-Memory Execution of DLL
- Shellcode: Loading .NET Assemblies From Memory
- Shellcode: A reverse shell for Linux in C with support for TLS/SSL
- How the L0pht (probably) optimized attack against the LanMan hash.
Tag Archives: vbscript
MiniDumpWriteDump via COM+ Services DLL
Introduction This will be a very quick code-oriented post about a DLL function exported by comsvcs.dll that I was unable to find any reference to online. UPDATE: Memory Dump Analysis Anthology Volume 1 that was published in 2008 by Dmitry … Continue reading
Shellcode: In-Memory Execution of JavaScript, VBScript, JScript and XSL
Introduction A DynaCall() Function for Win32 was published in the August 1998 edition of Dr.Dobbs Journal. The author, Ton Plooy, provided a function in C that allows an interpreted language such as VBScript to call external DLL functions via a … Continue reading
Posted in assembly, programming, security, shellcode, windows
Tagged assembly, javascript, jscript, perl, python, shellcode, vbscript, x86
Leave a comment
Shellcode: Loading .NET Assemblies From Memory
Introduction The dot net Framework can be found on almost every device running Microsoft Windows. It is popular among professionals involved in both attacking (Red Team) and defending (Blue Team) a Windows-based device. In 2015, the Antimalware Scan Interface (AMSI) … Continue reading
Posted in assembly, encryption, malware, programming, security, shellcode, windows
Tagged .net, c++, donut, dotnet, jscript, powershell, vbscript
2 Comments
modexp 