jm33_ng
  • Course notes
  • Misc
  • Pentest
  • Programming
  • Tools
  • Vulnerabilities

jm33_ng


cyber security / noob developer / poor English

emp3r0r - Injection

Date Sat 05 February 2022 Tags pentest / post-exploitation / emp3r0r / linux / HTTP2 / port-forwarding / injection / gdb / shellcode

emp3r0r injection

shared library injection

with gdb (yes i have compiled a fully static gdb), we can easily perform the injection by invoking dlopen in target processes, since most processes on a Linux machine are linked with glibc, this will work for almost every process, including systemd

according to https://magisterquis.github …

View comments.

more ...

emp3r0r - SSH

Date Tue 14 September 2021 Tags pentest / post-exploitation / emp3r0r / linux / HTTP2 / port-forwarding / ssh

2021-09-14_13-19

what we can do with ssh

  • ssh to target host for remote shell access
  • sftp to target host for FTP service
  • ssh -D for socks proxy
  • ssh -L/ssh -R for port mapping

all these features are provided by openssh suite, which we use everyday. why not integrate them into …

View comments.

more ...
  • «
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • »

About jm33

Who

  • Cyber Security Researcher

Contact

  • 0x3A5DBF07

  • Mastodon

  • Leave a message

  • Social

    • Twitter
    • GitHub
    • LinkedIn
    • StackOverflow

  • Recent Posts

    • Reversing a Go Malware Using Ghidra
    • Secure Boot in Arch Linux
    • OpenSSH Server 密码收割机
    • Migrating from Libvirt to Qemu
    • Secure Boot and LKM Signing in Fedora

  • Tags
    • 404
    • 443
    • active directory
    • ad
    • announcement
    • antivirus
    • anyconnect
    • apache
    • arch
    • assembly
    • asu
    • backdoor
    • baidu
    • blackhat
    • bridge
    • buffer overflow
    • C#
    • career
    • censorship
    • cisco
    • code maintainance
    • compton
    • conhost
    • conpty
    • Coursera
    • credential harvesting
    • crypto
    • cryptography
    • CVE
    • CVE-2018-18955
    • CVE-2018-7750
    • diary
    • DNS污染
    • DPI
    • email
    • emp3r0r
    • exploit
    • file transfer
    • gdb
    • gfw
    • ghidra
    • github
    • Glowing Bear
    • golang
    • gpu
    • great wall
    • greatwall
    • hacking
    • hacking tool
    • HiWiFi
    • HTTP2
    • https
    • injection
    • IRC
    • 极路由
    • KCP
    • kcptun
    • kernel
    • killer
    • lede
    • libvirt
    • life
    • linux
    • linux kernel
    • lkm
    • log cleaner
    • LPE
    • macos
    • mass exploit
    • mec
    • memory layout
    • mentohust
    • Misc
    • mouse
    • multi-threaded crawler
    • namespace
    • natural scroll
    • netcat
    • network
    • nic
    • obfs4
    • obfsproxy
    • ocserv
    • openwrt
    • paramiko
    • pentest
    • pep8
    • PGP
    • pi
    • port-forwarding
    • post-exploitation
    • privilege escalation
    • programming
    • project
    • proxy
    • ptrace
    • PTRACE_TRACEME
    • python
    • pythonic
    • qemu
    • QQ
    • quote
    • RCE
    • reverse shell
    • reversing
    • rootkit
    • s2-045
    • scanner
    • scramblesuit
    • secure boot
    • SEED lab
    • sfu
    • shadowsocks
    • shadowsocks-plus
    • shell
    • shellcode
    • socket
    • SS
    • ssh
    • ssh-harvester
    • sshd
    • SSL
    • Stanford
    • sudo
    • switch
    • systemd
    • terminal
    • Thomas Jefferson
    • TMUX
    • tools
    • trasparent proxy
    • vim
    • virtualbox
    • virtualization
    • vpn
    • wayland
    • web
    • weechat
    • windows
    • windows domain
    • windows server
    • xfce4
    • xfwm
    • xhost
    • xml
    • zoomeye
© 2023 jm33-ng - About this site

Creative Commons License Content licensed under a Creative Commons Attribution-NonCommercial 4.0 International License, except where indicated otherwise.

Images hosted on this site are either my own or from the Internet