Reverse Engineering with Radare2 | TryHackMe Reverse-Elf-ineering Advent of Cyber

More posts from Team Security | IT Security

MMD-0037-2015 - A bad Shellshock & Linux/XOR.DDoS CNC "under the hood"

387.87 points
The background Yesterday was a hectic day when we gathered to check all recent ELF threats cross-fired in the internet traffic when I was informed of a recent shellshock attack. Seeing the command pattern of the one-liner shell executed script used I knew

AA20-106A: Guidance on the North Korean Cyber Threat

347.35 points
Original release date: April 14, 2020 | Last revised: April 15, 2020. Summary: The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Ko

AA20-106A: Guidance on the North Korean Cyber Threat

347.35 points
Original release date: April 15, 2020 | Last revised: June 23, 2020. Summary: The U.S. Departments of State, the Treasury, and Homeland Security, and the Federal Bureau of Investigation are issuing this advisory as a comprehensive resource on the North Ko

MMD-0030-2015 - New ELF malware on Shellshock: the ChinaZ

313.11 points
The background: The bash Shellshock vulnerability (link) is still proven to be one of the fastest ways to spread ELF malware infection to NIX boxes in internet, along with Linux systems which are still having the vulnerable version. This fact that is not kno

Radare2 - Unix-Like Reverse Engineering Framework And Commandline Tools Security

294.52 points
r2 is a rewrite from scratch of radare in order to provide a set of libraries and tools to work with binary files. Radare project started as a forensics tool, a scriptable command-line hexadecimal editor able to open disk files, but later added suppor

MMD-0026-2014 - Router Malware Warning | Reversing an ARM arch ELF AES.DDoS (China malware)

280.64 points
Sticky notes, the latest infection report is below tweet: #ELF AES.DDoS (http://t.co/y0D7YwPaD4) #malware hits MIPS/ARM routers. Some AV had bad sigs. http://t.co/TMdxaEDiNh pic.twitter.com/5eaSKJmMZU — ☩MalwareMustDie, NPO (@MalwareMustDie

MMD-0039-2015 - ChinaZ made new malware: ELF Linux/BillGates.Lite

273.08 points
Background There are tweets I posted which are related to this topic. Our team spotted the sample a week ago. And this post is the promised details, I am sorry for the delay for limited resource that we have since for a week I focused to help good peopl

MMD-0048-2016 - DDOS.TF = (new) ELF & Win32 DDoS service with ASP + PHP/MySQL MOF webshells

260.99 points
Background Linux exploitation by bad actors from People's Republic of China (in short: PRC) is not a new matter. Their attacks are coming everyday and their method is also improving by days. This post is another case of the issue, except it is reporting yo

Team Security discussion of Reverse Engineering with Radare2 | TryHackMe Reverse-Elf-ineering Advent of Cyber