This reminds me of the Capcom exploit from 2017. I never get tired of my Rootkits: Subverting the Windows Kernel book by HBGary when seeing rootkit-like EPROCESS modification (DKOM - direct kernel object modification, something highly achievable with simple APIs in the XP days).
This is exactly like the Capcom exploit. I heard a lot of good things about that book as well! However, there are a million similar drivers like this out there so as attackers, we got plenty of ammunition to go through before we run out.
New conversation
That was fast

Being unemployed lets me write blog for 8 hours straight haha
End of conversation
New conversation
Dude, love your stuff. Hope you find a new job soon

No man, it's the other way around. I love YOUR stuff. Thanks for the mention in the Outflank post!
New conversation
another driver for you @dwizzzleMSFT