Peace be upon you all.
Welcome to our first crypto post here!
If you’re interested in cryptography, you know that keys are required to encrypt and decrypt the messages exchanged between two parties. But what if those two parties can’t meet to agree on a shared key? For example, in the middle of a war, how can two allied countries exchange keys safely, knowing that their enemies are always eavesdropping on them? That’s where public key exchange comes in.
About five days ago a friend of mine called to tell me that some group had defaced a WordPress site belonging to the company he owns.
After checking the logs, I found that the attacker exploited a vulnerability in “Brilliant Theme”, a product from cmsmasters.
The attacker was able to abuse a bug in a file called upload-bg.php within the following path: /wp-content/themes/brilliant/theme/functions, which led to malicious code being uploaded to the web server.
There are a lot of ways to alter a process’s execution path. In this article, we’ll tackle one of the most commonly used techniques, DLL injection. We’ll start by looking at its concept and how to implement it yourself, then see it at work in real malware. DLL injection is a very common technique in which you inject a DLL into an executing binary, hence gaining its privileges, which would be great for evading a firewall, for example.
What is webhandler:
A handler for PHP system functions & also an alternative ‘netcat’ handler that is written in Python.
It also tries to simulate a ‘Linux bash prompt’ to handle and process:
- PHP program execution functions e.g. system, passthru, exec, etc
- Bind shell connections
- Reverse shell connections
To learn more about webhandler, continue reading.
- Hardware-level memory management
- Virtual memory
- Introduction to Windows memory management
First, I’d like to welcome you to the blog since …