Saturday, September 17, 2022
HomeHackerA PoC Implementation For An Evasion Approach To Terminate The Present Thread...

A PoC Implementation For An Evasion Approach To Terminate The Present Thread And Restore It Earlier than Resuming Execution, Whereas Implementing Web page Safety Modifications Throughout No Execution




A PoC implementation for an evasion method to terminate the present thread and restore it earlier than resuming execution, whereas implementing web page safety modifications throughout no execution.

Intro

Sleep and obfuscation strategies are well-known within the maldev group, with completely different implementations, they’ve the target of hiding from reminiscence scanners whereas sleeping, normally altering web page protections and even including cool options like encrypting the shellcode, however there’s one other necessary level to cover our shellcode, and is hiding the present execution thread.
Spoofing the stack is cool, however after considering a bit of about it I believed that there is no such thing as a must spoof the stack… if there is no such thing as a stack 🙂

The usability of this system is left to the reader to evaluate, however in any case, I believe it’s a cool approach to evaluate some matters, and be taught some maldev for many who, like me, are beginning on this world.

The principle implementation confirmed right here holds every part that we have to take out of the stack within the knowledge part, as international variables, however an impletementation transferring every part to the heap might be revealed quickly. It goals to indicate some key modifications that must be finished to make this code pic and injectable.

This repository is mirrored between GitHub and GitLab.



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Recent Comments