Dailydave mailing list archives

INNUENDO Coding and Auto-Injection Demonstration


From: Dave Aitel <dave () immunityinc com>
Date: Mon, 11 May 2015 14:39:07 -0400

*INNUENDO Coding and Auto-Injection Demonstration*:
https://vimeo.com/127492458

This is the longest video we have released in some time, clocking in at
twenty minutes. But after that twenty minutes you'll see just how easy
it is to build new functionality into INNUENDO, and you'll see a model
for what I like to think is a pretty amazing method of getting back to a
C2 in a real-world corporate network. Everything in that demo is
Real-Time. Nothing is faked. It's amazing how little code it takes to
make such a big feature.

One thing I find is key about the Windows ecosystem is that each Windows
machine has to be treated as a "network" within the machine, considering
that your view of that machine is so dependent on which user you are
executing as. Modern HIDS makes this even more true: You may be unable
to access the Internet from one process, but able to access it from
another. This is one of the hardest things for OS X users to understand
about Windows hacking. Windows Tokens really don't exist in any other
paradigm and are hard for even hackers to wrap their heads around.

-dave
Ref:
[1]
http://www.blackhat.com/presentations/bh-europe-04/bh-eu-04-detoisien/bh-eu-04-detoisien-up.pdf
