Twitter | Pretraživanje | |
HoangSpecial
Security Researcher | Pentester | Red Team | APT69
68
Tweetovi
46
Pratim
1.016
Osobe koje vas prate
Tweetovi
HoangSpecial 28. sij
Odgovor korisniku/ci @BillDemirkapi
Similarly, I also happen to get to use forced exception through pointer destruction which is another nice trick to pair up with VEH. AGAIN, sorry for necroing this haha.
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 28. sij
Odgovor korisniku/ci @BillDemirkapi
Sorry for replying to something a year back, was scrolling through my Twitter and realized I never replied, my fault. I think you know this by now that a lot of games do anticheat do use DR register as a way to stop debuggers from placing hwbp but your comment is correct =).
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 18. sij
Odgovor korisniku/ci @leoloobeek @bohops i 8 ostali
I wish i was 10
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 17. sij
Odgovor korisniku/ci @leoloobeek @bohops i 8 ostali
One of the smartest hacker I know. The man, the legend, leoloobeek
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 3. sij
Odgovor korisniku/ci @jasc22 @TomahawkApt69 i 2 ostali
If you can show me the code. It have a custom cmd that you can use, just ends with &. This should let you execute anything in cmd as admin. Sorry for the late reply, holiday and travel. Do let me know if you need more help we can hit up DM.
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 31. pro
Odgovor korisniku/ci @vm_call
This was always a known thing in project's file is it not? Just give a quick look around project file and solution file before opening.
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 13. pro
Odgovor korisniku/ci @zeekzack @Jackson_T
MiniDumpWriteDump is a wrapper for tons of other functions (+ ReadProcessMemory) to construct a usable structure that Mimikatz later parses. Best you can do is perform an IAT hook and redirect ReadProcessMemory to your syscall. See
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 4. pro
Odgovor korisniku/ci @tn044622
It does not involve packets. You can use packet but it is highly obfuscated and will take a lot lot lot lot of work to get there but it will also give you the most freedom.
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 3. pro
Odgovor korisniku/ci @tn044622
There is a vtable for it that you can hook using VMT. You just have to be creative and look for it. It's there.
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 29. stu
Odgovor korisniku/ci @AliMalekli @leoloobeek i 2 ostali
one & should be good I think and I'm not sure 1909 is vulnerable. Let's me know the result, I'm curious :D
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 29. stu
Odgovor korisniku/ci @AliMalekli @leoloobeek i 2 ostali
Append & to the end of the command. Maybe give that a try?
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 29. stu
Odgovor korisniku/ci @Patrilic_X @leoloobeek i 2 ostali
Yeah seem like it was just patched. Glad we worked this out
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 29. stu
Odgovor korisniku/ci @AliMalekli @leoloobeek i 2 ostali
Sorry for late reply. It should say the password on completion which seem like you already got your hand on. You can also use the custom command line to add your own account if you don't want to use the hard-coded one. Glad it worked out!
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 26. stu
Odgovor korisniku/ci @Patrilic_X @leoloobeek i 2 ostali
Messaged you, let's get this figured out =)
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 14. stu
Odgovor korisniku/ci @xxByte @NCCGroupInfosec i 2 ostali
Sounds good mate! Glad I wasn't the only one.
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 14. stu
Thanks to for releasing their write up on CVE-2019-1405 and CVE-2019-1322. I figured it is time for me to learn some COM stuff so I whip up a PoC. Source: . Video: Thanks to and
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 30. lis
I don't RT much unless it is really good or it is from . In this case, was able to fulfill both criteria. Looking forward to seeing this being used in every red team C2!
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 28. lis
Odgovor korisniku/ci @HackingThings
Not with those vuln drivers =)
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial proslijedio/la je tweet
Eversec CTF 8. ruj
Thanks to all of our crew for the tireless work this weekend. New friends, late nights, and a new found hatred of barcodes. 🥇🏆💻
Reply Retweet Označi sa "sviđa mi se"
HoangSpecial 8. ruj
We did it . Thank you to everyone for the carrying and the humbling experience. And thank you to for hosting!
Reply Retweet Označi sa "sviđa mi se"