
  1. I was recently on an engagement where we phished in and ran into UAC which gave me more trouble than I expected. When a user logs onto Windows, a logon session is created and the credentials are tied into an authentication package inside of the logon session. Whenever a process wants to act as a user or use the user’s credentials, it uses a token. These tokens are tied to the logon sessions and ultimately determine how the credential is used. In the case of User Access Control (UAC) and Administrative users, the token is effectively split into two levels. Tokens have different integrity levels
  2. Kerberos is the preferred way of authentication in a Windows domain, with NTLM being the alternative. Kerberos authentication is a very complex topic that can easily confuse people, but is sometimes heavily leveraged in red team or penetration testing engagements, as well as in actual attacks carried out by adversaries. Understanding how Kerberos works legitimately is essential to understanding the potential attack primitives against Kerberos and how attackers can leverage it to compromise a domain. This article is intended to give an overview of how Kerberos works and some of the more common
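  3. Preface: I had wanted to analyze the payload generated by msfvenom for some time. After several setbacks, it was only on the third pass that I understood a good deal of it. Analysis process 1. Generate the shellcode with msfvenom (PS: x86 is easier to analyze) msfvenom -p windows/exec cmd=calc.exe -f raw -o shellcode.bin 2. Put the shellcode into a PE. Tools to prepare: yasm.exe GoLink.exe. Put shellcode.bin and shellcode.asm in the same directory. shellcode.asm Global Start SECTION 'foo' write,execute,read Start: incbin "shellcode.bin" Generate the obj, then generate the exe: yasm.win32.exe -f win32 -o shell.obj shellcode.asm Golink /ni /entry Start shell.obj 3. Analyze with IDA. Analysis of the loc_401088 function. Comparison against the template msf uses to generate the payload. One point to note: m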
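  4. Programmers have suffered long enough. One night many years ago, amid a raging storm, a young man named Docker came to the Linux Empire to call on the empire's elder. "Elder Linux, the world's programmers have long suffered from application deployment. I want to change this situation, and I hope you can help me." The elder replied: "Oh, so young and yet so bold. Please take a seat first. What is it you seek? I would like to hear the details." After sitting down, Docker began to speak at length: "In today's world, application development, testing and deployment involve all kinds of tangled library dependencies, and on top of that there are differences between versions, so it often happens that something runs fine in the development environment but breaks in the test and production environments. Programmers suffer greatly from this, and it is time to change it." Docker glanced back at the elder and continued: "I want to build a virtual container in which applications run, packaging up the whole dependency environment they need, so that after being moved to different machines they still get a consistent runtime environment, freeing programmers completely!" On hearing this, Elder Linux nodded slightly: "Young man, it's a good idea, but from your description it sounds like a virtual machine could solve this problem. Deploy the application and the environment it depends on into a virtual machine, take a snapshot, and then just deploy the virtual machine. Wouldn't that do?" Docker shook his head repeatedly: "Elder, what you may not know is that the virtual machine is as clumsy as an ox and huge as well, with sizes measured in gigabytes at every turn, because it has to run a complete operating system inside. So it is especially laborious to run; never mind slow, it also hogs resources, and a machine can't run more than a few virtual machines before its performance is dragged down! What I want to build is a lightweight virtual container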
  5. Description Forcefully delete any Discord webhook using its URL. This is not an exploit, but I'll keep it here as the feature can be abused. Original founder not an exploit l0l # Name: Delete Webhook # Description: Forcefully delete a webhook # Author: checksum (@0daySkid) # Original founder: ~not an exploit l0l~ import requests import sys class Exploit: def __init__(self, url): self.webhook_url = url def execute(self): """ send DELETE request to webhook url """ return requests.delete(self.webhook_url) def main(): if len(sys.
  6. Pb2d

    Block Bypass 0DAY

    Description This simple exploit gives you the ability to message Discord users you have blocked - NOT THE OTHER WAY AROUND! Usage $ py example.py <token> <client id> Original author # Name: Block Bypass # Description: Send messages to blocked users # Author: checksum (@0daySkid) # Original founder: Yaekith
  7. In January 2019, a critical flaw was reported in Apple's FaceTime group chats feature that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third person in a group chat even before the person on the other end accepted the incoming call. The vulnerability was deemed so severe that the iPhone maker removed the FaceTime group chats feature altogether before the issue was resolved in a subsequent iOS update. Since then,
  8. Europol on Tuesday said it shut down DarkMarket, the world's largest online marketplace for illicit goods, as part of an international operation involving Germany, Australia, Denmark, Moldova, Ukraine, the U.K.'s National Crime Agency (NCA), and the U.S. Federal Bureau of Investigation (FBI). At the time of closure, DarkMarket is believed to have had 500,000 users and more than 2,400 vendors, with over 320,000 transactions resulting in the transfer of more than 4,650 bitcoin and 12,800 monero — a sum total of €140 million ($170 million).
  9. Mimecast said on Tuesday that "a sophisticated threat actor" had compromised a digital certificate it provided to certain customers to securely connect its products to Microsoft 365 (M365) Exchange. The discovery was made after the breach was notified by Microsoft, the London-based company said in an alert posted on its website, adding it's reached out to the impacted organizations to remediate the issue. The c
  10. For the first patch Tuesday of 2021, Microsoft released security updates addressing a total of 83 flaws spanning as many as 11 products and services, including an actively exploited zero-day vulnerability. The latest security patches cover Microsoft Windows, Edge browser, ChakraCore, Office and Microsoft Office Services, and Web Apps, Visual Studio, Microsoft Malware Protection Engine, .NET Core, ASP .NET, and Azure. Of these 83 bugs, 10 are listed as Critical, and 73
  11. Cybersecurity researchers took the wraps off a new spyware operation targeting users in Pakistan that leverages trojanized versions of legitimate Android apps to carry out covert surveillance and espionage. Designed to masquerade apps such as the Pakistan Citizen Portal, a Muslim prayer-clock app called Pakistan Salat Time, Mobile Packages Pakistan, Registered SIMs Checker, and TPL Insurance, the malicious variants have been found to obfuscate their operations to stealthily download a payload in the form of an Android Dalvik executable (DEX) file.
  12. Cybersecurity researchers have exposed the operations of an Android malware vendor who teamed up with a second threat actor to market and sell a remote access Trojan (RAT) capable of device takeover and exfiltration of photos, locations, contacts, and messages from popular apps such as Facebook, Instagram, WhatsApp, Skype, Telegram, Kik, Line, and Google Messages. The vendor, who goes by the name of "Triangulum" in a number of darknet forums, is alleged to be a 25-year-old man of Indian origin, with the individual opening up shop to sell the malware three years ago on June 10, 2017,
