Search results

Posts


Posts by User

[CONTEST] $.2500 prize money!!!!!! WAW!!!!!!

by /u/notyourgirlfriendagain · 2024-04-15 00:33:00 in /d/CafeDread

0 votes · 18 comments


Comments by User

sms interception
- /u/notyourgirlfriendagain 21st April, 2024 - 04:01 You don't have the technical capabilities to do that just yet.
You also probably don't know what you are trying to do.

SDR go google it, buy one, learn to use it, how to program things that use it.
Anyway.

by /u/specialrecon123 · 2024-04-19 17:42:00 in /d/hacking

0 votes · 7 comments

learning c++ for malware
- /u/notyourgirlfriendagain 21st April, 2024 - 03:40 I will give you an exercise, that will send you on that path.

First set up a dev environment. Microsoft has dev VMs with it already installed, but you can also install Microsoft Visual C++ manually. Turn off automatic sample submissions etc. Do not worry about AV or anything; feel free to add an exclusion to Defender. Obfuscation will be covered later.

Then you have 2 programs to make:

First one is a non-interactive program that takes 2 arguments from the command line: the first one is the listening address and the second one is the port it should use.
This program should be a TCP server that only accepts one connection at a time.

It should print to the tty what it receives from the second program if and only if the format is correct; if it is not correct, it should print the error on the screen.
It must be free of access violations and heap corruption (MSVC supports ASAN, you will need to google this). It should not crash on input; if it does, you need to debug it.

The second program is a non-interactive CLI application which reads every text file that is located on the currently logged-on user's desktop. The format should be JSON and it should look like this:
{ "created": "string", "last_modified": "string", "file_size": "int", "raw_content": "base64 encoded string" }
Each TEXT file (only text files) on the desktop should be represented like that.

It should send every text file it reads, in the proper format, to the first program using TCP.
Same constraint as for the first program: no memory corruption; memory leaks are fine.


Once you have completed this, you will have the basic building blocks for what is sometimes referred to as an info stealer.

To extend on it:
- Implement multithreading server side to handle multiple clients at the same time (the first time will be unpleasant)
- Keeping track of clients
- Sending OS, host, machine information, CPU
- Extracting passwords saved by the default browser
- Adding encryption between client and server using the CNG API
- Saving information sent by the client to a local database server side


You can use 3rd party libraries to help yourself as it will teach you that managing dependencies in C++ is a pain in the ass.

If you don't understand something it is perfectly normal, you are not expected to understand, it will get inside your mind eventually so just be patient and learn to handle frustration and failure.

After that we will get to PE format (1-3 months), process injection (1-3 months), AD and privesc (1 year), bluepill hypervisor (couple years), kernel rop compilers (4 years), "Compiler based obfuscation" (opaque predicates etc., you will need compiler theory and PLT for this one, so maybe 5 years for a complete beginner to be cozy) blah blah... all the good shit on the MITRE ATT&CK matrix

ping if need help

by /u/iloov22oo · 2024-04-20 02:14:00 in /d/hacking

0 votes · 11 comments

learning c++ for malware
- /u/notyourgirlfriendagain 21st April, 2024 - 03:12 Of course...

by /u/iloov22oo · 2024-04-20 02:14:00 in /d/hacking

0 votes · 11 comments

learning c++ for malware
- /u/notyourgirlfriendagain 21st April, 2024 - 03:11 A full shit take coming from a full time penetration tester, not surprised. But then again how does one learn to open a file if not trying to open a file?

by /u/iloov22oo · 2024-04-20 02:14:00 in /d/hacking

0 votes · 11 comments

How do you find system vulnerabilities for malware?
- /u/notyourgirlfriendagain 21st April, 2024 - 03:02 ntdll.dll, Windows Internals part 1, part 2
search "How to do X windows api "
see you in 6 months

by /u/RelishInTheKhache · 2024-04-20 18:23:00 in /d/hacking

0 votes · 8 comments