Visiting the snake nest Recon Brussels 2018 Jean-Ian Boutin | - PowerPoint PPT Presentation

Jul 14, 2023 •647 likes •2.05k views

Visiting the snake nest Recon Brussels 2018 Jean-Ian Boutin | Senior Malware Researcher Matthieu Faou | Malware Researcher Jean-Ian Boutin Matthieu Faou Senior Malware Researcher Malware Researcher @jiboutin @matthieu_faou Agenda 1.

Named pipe Communications • Tasks can be forwarded to another node
Named pipe Communications • Tasks can be forwarded to another node
Named pipe Communications • Tasks can be forwarded to another node
Named pipe Communications • Tasks can be forwarded to another node
Named pipe Communications • Tasks can be forwarded to another node
Task configuration file • [CONFIG] • NAME (“cmd.exe” by default) • ARG • RESULT (“ stdout ” by default) • COMPRESSION (“yes” by default) • DELETE (“no” by default)
Kazuar
Overview • .NET backdoor • Crossplatform • Similar in architecture to Carbon • Plugin support • Working directory • Configuration file • Log file • […]
ConfuserEx • LZMA code compression • Anti debug • Control flow obfuscation • Strings obfuscation
ConfuserEx • LZMA code compression • Anti debug • Control flow obfuscation • Strings obfuscation
Gazer/ White Bear https://chocolate80y.deviantart.com/art/bear-snake-149185270

Download Presentation

Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Mid-Snake TMDL By Cassie Sundquist and Chris Jeszke Mid Snake TMDL EPA approved the Mid Snake

Reopening of the Mid-Snake TMDL By Cassie Sundquist and Chris Jeszke Mid Snake TMDL EPA approved the Mid Snake Phosphorus TMDL in 1997, representing Idahos first nutrient TMDL of consequence that involved point sources. The premise

200 views • 9 slides

Digital NEST Connect Transform Create What is the NEST? Digital NEST CONNECTS youth to a

Digital NEST Connect Transform Create What is the NEST? Digital NEST CONNECTS youth to a skill-building community that TRANSFORMS them into professionals who can CREATE successful careers, innovative solutions, and prosperous communities

423 views • 19 slides

NEST NEST New and Emerging Science and Technology European Commission RTD.B.1 Anticipating

NEST NEST New and Emerging Science and Technology European Commission RTD.B.1 Anticipating Scientific and Technological Needs (NEST activity); Basic Research Specific Activities covering a Wider Field of Research New and Emerging Science

292 views • 12 slides

Re-evaluation of the Mid-Snake/Upper Snake Rock Subbasin TMDL: Data Summary, Evaluation, and

Re-evaluation of the Mid-Snake/Upper Snake Rock Subbasin TMDL: Data Summary, Evaluation, and Assessment Mid-Snake Watershed Advisory Group Meeting September 17, 2014 TMDL Data Assessment Discussion Overview Background 2013 Report --

356 views • 33 slides

Snake River Salmon Challenges and Successes STEVE MARTIN, EXECUTIVE DIRECTOR SNAKE RIVER SALMON

Snake River Salmon Challenges and Successes STEVE MARTIN, EXECUTIVE DIRECTOR SNAKE RIVER SALMON RECOVERY BOARD Extinction is Not and Option The Washington Way Messages Snake River Recovery Plan is based on the hydropower system as part of the

297 views • 7 slides

Software Tool Seminar WS1516 - Taming the Snake November 4, 2015 1 Taming the Snake 1.1

Software Tool Seminar WS1516 - Taming the Snake November 4, 2015 1 Taming the Snake 1.1 Understanding how Python works in N simple steps (with N still growing) 1.2 Step 0. What this talk is about (and what it isnt) Four basic things you

266 views • 12 slides

What is Nest? FREE online home matching platform Nest matches people with disability to

What is Nest? FREE online home matching platform Nest matches people with disability to accommodation/housing that suits their needs and wants. Nest makes it easy to search, choose and apply for accommodation/housing that meets

282 views • 14 slides

Workshop 11.3.2013 Background Snake bite major environmental and occupational hazard in

A National survey of Snake bites in India (venomous and non-venomous): syndrome-snake species correlations, outcomes and ASV dose requirements Workshop 11.3.2013 Background Snake bite major environmental and occupational hazard in rural

247 views • 9 slides

Ew E NEST m odel Thorsten Blenckner Maciej T. Tomczak Susa Niiranen Olle Hjerne Baltic Nest

Ew E NEST m odel Thorsten Blenckner Maciej T. Tomczak Susa Niiranen Olle Hjerne Baltic Nest Institute (BNI) Linking science and management Baltic NEST = a science based decision support system (DSS) to : Explore and synthesize

511 views • 20 slides

Determinants of Nest Egg Sustainability Jack C. DeJong, Jr., Ph.D., MBA, CFA Nova Southeastern

Determinants of Nest Egg Sustainability Jack C. DeJong, Jr., Ph.D., MBA, CFA Nova Southeastern University CoFounder, Nest Egg Guru John H. Robinson Founder, Financial Planning Hawaii CoFounder, Nest Egg Guru Inspiration: Two Seminal

219 views • 19 slides

Background and introduction to NeST within the context of the GPEDC and the global SSC debates

Background and introduction to NeST within the context of the GPEDC and the global SSC debates Presentation for the NeST SA reference group meeting Neissan Alessandro Besharati Jan Smuts House, Johannesburg, 28 January 2015 The Rise of the

417 views • 22 slides

The Arizona Mountain King Snake By Leo The Arizona mountain king is a very colorful snake. It

The Arizona Mountain King Snake By Leo The Arizona mountain king is a very colorful snake. It is also immune to venom so that it can survive an attack if it gets hit by venom it won't get hurt. The Arizona mountain king snake is about 18

459 views • 7 slides

On surface cluster algebras: Band and snake Abstract Snake Graphs Relation to graph calculus

Band and snake graph calculus I. Canakci, R. Schiffler Motivation On surface cluster algebras: Band and snake Abstract Snake Graphs Relation to graph calculus Cluster Algebras Band Graphs and Future Directions Ilke Canakci 1 Ralf

1.28k views • 106 slides

Snake orbit effect on the spin tune in RHIC M. Bai, V. Ptitsyn, T. Roser Spin tune versus snake

Snake orbit effect on the spin tune in RHIC M. Bai, V. Ptitsyn, T. Roser Spin tune versus snake orbit angle Making use of the depolarization by 0.75 Example of measurements done in Blue at 250 GeV (second order) spin resonance: - vertical

381 views • 4 slides

Live Coding Kotlin/Native Snake github.com/dkandalov/kotlin-native-snake @dmitrykandalov

Live Coding Kotlin/Native Snake github.com/dkandalov/kotlin-native-snake @dmitrykandalov Lightning talk What is Kotlin/Native? Kotlin/Native is an LLVM backend for the Kotlin compiler, runtime implementation, and native code

995 views • 68 slides

SWAN NEST A SWAN BUILDS ITS NEST FROM FOUND MATERIALS, RECYCLING AND REFLECTING THE

5/16/2018 SWAN NEST A SWAN BUILDS ITS NEST FROM FOUND MATERIALS, RECYCLING AND REFLECTING THE AESTHETIC OF THE WATER. - BISSET ADAMS DESIGN CONCEPT DESIGN INTENTION AND SUSTAINABLE GOALS 1 5/16/2018 DESIGN INTENT The concept for

571 views • 30 slides

JWT Parkour Attacking JSON WEB TOKENS Louis Ny ff enegger @PentesterLab

JWT Parkour Attacking JSON WEB TOKENS Louis Ny ff enegger @PentesterLab louis@pentesterlab.com About me Security Engineer Pentester/Code Reviewer/Security consultant/Security architect/IANAC Run a website to help people learn security

1.28k views • 79 slides

Calibrating semi-analytic V T s against reweighted injection V T s Daniel Wysocki and

Calibrating semi-analytic V T s against reweighted injection V T s Daniel Wysocki and Richard OShaughnessy Rochester Institute of Technology LIGO R&D Call Monday, October 1, 2018 LIGO-T1800427-v1 D. Wysocki, R. OShaughnessy

271 views • 14 slides

SQL Injection Attack 1 Brief Tutorial of SQL MySQL: an open-source relational database

SQL Injection Attack 1 Brief Tutorial of SQL MySQL: an open-source relational database management system Log in to MySQL Create a Database : SHOW DATABSES command: list existing databases. Create a new database called

521 views • 30 slides

Direct Routing: Algorithms and Complexity Costas Busch, RPI Malik Magdon-Ismail, RPI Marios

Direct Routing: Algorithms and Complexity Costas Busch, RPI Malik Magdon-Ismail, RPI Marios Mavronicolas, Univ. Cyprus Paul Spirakis, Univ. Patras 1 Outline 1. Direct Routing. 2. Direct Routing is Hard. 3. Approximation Algorithms

404 views • 22 slides

FOCUS GROUP JULY 2017 3:30PM-5:00PM 25 VAN NESS AVE RM 330A SAN FRANCISCO DEPARTMENT OF

SAN FRANCISCO SAFE INJECTION SERVICES FOCUS GROUP JULY 2017 3:30PM-5:00PM 25 VAN NESS AVE RM 330A SAN FRANCISCO DEPARTMENT OF PUBLIC HEALTH 1 HARM REDUCTION Public health philosophy that promotes methods of reducing the physical,

441 views • 21 slides

Texas CCUS Project Development Lessons Learned and Still More to Come Christine Ehlig-Economides

1 Texas CCUS Project Development Lessons Learned and Still More to Come Christine Ehlig-Economides Steve Melzer 9/1/2020 The Permian Basin: A Bright Spot for CCUS August 27, 2020 3 Subjects for Today I. Overview II. Focus on the San

1.06k views • 40 slides

File Injection for Virtual Machine Boot Mechanisms Till Mller advised by Johannes Naab Monday 4

Chair of Network Architectures and Services Department of Informatics Technical University of Munich File Injection for Virtual Machine Boot Mechanisms Till Mller advised by Johannes Naab Monday 4 th November, 2019 Block Seminar: Innovative

453 views • 16 slides

DLL Injection CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 18.07.2020

DLL Injection CONTACT@ADAMFURMANEK.PL HTTP://BLOG.ADAMFURMANEK.PL FURMANEKADAM 1 18.07.2020 DLL INJECTION - ADAM FURMANEK About me Experienced with backend, frontend, mobile, desktop, ML, databases. Blogger, public speaker. Author of .NET

655 views • 36 slides