- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
Using WhatsApp for Malware Persistence
Here I demonstrate how a DLL Search Order Hijack bug in WhatsApp for Windows can be exploited by Malware to remain persistent. It's a little tongue-in-cheek, but showcases how to search for DLL insSearch Order Hijacks and also how commonly installed applications can be harnessed by bad-guys for malicious purposes.
If you want to find out more about DLL Search Order Hijacking you should definitely check out the following links:
https://docs.microsoft.com/en-us/windows/desktop/dlls/dynamic-link-library-security
http://www.binaryplanting.com/guidelinesDevelopers.htm
Link to my slides:
https://docs.google.com/presentation/d/1k4N0m03YKZh8Nr5E0Uzhs5IYKWUp2A4gLygNwXKVGng/edit?usp=sharing
How to compile your own DLLs using msfvenom:
https://kb.help.rapid7.com/discuss/599b70eba72c84001bddb4a4
Link to my PoC doc file:
https://www.virustotal.com/#/file/79d8a5c685009fdfcfc84f88826655e21931879d9484fa95541f97096705547c/detection
Link to ProcMon Filter file
https://jmp.sh/KaEQkWd
If you liked this video, please press "Like"
If you loved it, please Subscribe!
Also, if you want to chat malware / exploits / vulnerabilities then please follow me on https://twitter.com/cybercdh
Thanks for watching!
Видео Using WhatsApp for Malware Persistence канала cybercdh
If you want to find out more about DLL Search Order Hijacking you should definitely check out the following links:
https://docs.microsoft.com/en-us/windows/desktop/dlls/dynamic-link-library-security
http://www.binaryplanting.com/guidelinesDevelopers.htm
Link to my slides:
https://docs.google.com/presentation/d/1k4N0m03YKZh8Nr5E0Uzhs5IYKWUp2A4gLygNwXKVGng/edit?usp=sharing
How to compile your own DLLs using msfvenom:
https://kb.help.rapid7.com/discuss/599b70eba72c84001bddb4a4
Link to my PoC doc file:
https://www.virustotal.com/#/file/79d8a5c685009fdfcfc84f88826655e21931879d9484fa95541f97096705547c/detection
Link to ProcMon Filter file
https://jmp.sh/KaEQkWd
If you liked this video, please press "Like"
If you loved it, please Subscribe!
Also, if you want to chat malware / exploits / vulnerabilities then please follow me on https://twitter.com/cybercdh
Thanks for watching!
Видео Using WhatsApp for Malware Persistence канала cybercdh
Комментарии отсутствуют
Информация о видео
21 января 2019 г. 1:03:11
00:13:05
Другие видео канала
Remcos Config - Using RC4 to Get Command & Control from CyberChef
SUPERNOVA - Everything you need to know to Reverse Engineer an APT WebShell
Y2K22 - Why 2022 Broke Email
Crack The BAT - Identifying Compression, Packers & Googling for IOCs
WannaCry Ransomware - Revisited. Behavioural and Static Analysis Techniques
CVE-2017-8570 - Dynamic analysis of Exploit used in Powerpoint to deliver KeyBase InfoStealer
Live Stream - Malware Analysis Tools Tactics & Techniques
Adylkuzz CryptoMiner - A quick behavioural analysis
Cyber Defender REACTS to THEFT of Microsoft Exchange Server ZERO DAYS used by HAFNIUM
Jaff Ransomware - A quick technical analysis
Extracting encrypted contents from Kronos Banking Trojan
JNLP Dangers - Java Malware Detection & Analysis
Five Awesome Tools to perform Behavioural Analysis of Malware
Threat Hunting with Inquest Labs
Emotet is Dead
Wrangle with Hangul - Analysis of a malicious hwp document
Olympic Destroyer - Quick behavioural Analysis of this Wiper Malware
Bashing LOLSnif - Defeating Anti-Analysis Techniques to get real IOCs
Analysing Obfuscated VBA - Extracting indicators from a Trickbot downloader
Extract Shellcode from Fileless Malware like a Pro
