all InfoSec news
SharpEventPersist - Persistence By Writing/Reading Shellcode From Event Log
June 13, 2022, 9:30 p.m. | noreply@blogger.com (Unknown)
KitPloit - PenTest Tools! www.kitploit.com
Persistence by writing/reading shellcode from Event Log.
Usage
The SharpEventPersist tool takes 4 case-sensitive parameters:
- -file "C:\path\to\shellcode.bin"
- -instanceid 1337
- -source Persistence
- -eventlog "Key Management Service".
The shellcode is converted to hex and written to the "Key Management Service", event level is set to "Information" and source is "Persistence".
Run the SharpEventLoader tool to fetch shellcode from event log and execute it. Ideally this should be converted to a DLL and sideloaded on program start/boot.
Remember to change the Event Log …
More from www.kitploit.com / KitPloit - PenTest Tools!
VectorKernel - PoCs For Kernelmode Rootkit Techniques Research
1 day, 15 hours ago |
www.kitploit.com
Cookie-Monster - BOF To Steal Browser Cookies & Credentials
2 days, 15 hours ago |
www.kitploit.com
Sicat - The Useful Exploit Finder
1 week, 3 days ago |
www.kitploit.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Junior Cybersecurity Triage Analyst
@ Peraton | Linthicum, MD, United States
Associate Director, Operations Compliance and Investigations Management
@ Legend Biotech | Raritan, New Jersey, United States
Analyst, Cyber Operations Engineer
@ BlackRock | SN6-Singapore - 20 Anson Road
Working Student/Intern/Thesis: Hardware based Cybersecurity Training (m/f/d)
@ AVL | Regensburg, DE