The latest splash has been made by the Petya or NotPetya Ransomware that exploded in Ukraine and is infecting companies all over the World. It’s getting some people in deep trouble as there’s no way to recover the files once encrypted. The malware seems to be trying to hide its intent as it doesn’t really […]
Archives for June 2017
Winpayloads – Undetectable Windows Payload Generation
Winpayloads is a tool to provide undetectable Windows payload generation with some extras running on Python 2.7. It provides persistence, privilege escalation, shellcode invocation and much more. The tool uses metasploits meterpreter shellcode, injects the users IP and port into the shellcode and writes a python file that executes the shellcode using ctypes. This is […]
TheFatRat – Massive Exploitation Tool
TheFatRat is an easy-to-use Exploitation Tool that can help you to generate backdoors and post exploitation attacks like browser attack DLL files. This tool compiles malware with popular payloads and then the compiled malware can be executed on Windows, Linux, Mac OS X and Android. The malware that is created with this tool also has […]
South Korean Webhost Nayana Pays USD1 Million Ransom
So far this Nayana payout is the biggest ransomware payment I’ve seen reported, there’s probably some bigger ones been paid but kept undercover. Certainly a good deal for the bad actors in this play, and well using an outdated Kernel along with PHP and Apache versions from 2006 you can’t feel too sorry for Nayana. […]
pyrasite – Inject Code Into Running Python Processes
pyrasite is a Python-based toolkit to inject code into running Python processes. pyrasite works with Python 2.4 and newer. Injection works between versions as well, so you can run Pyrasite under Python 3 and inject into 2, and vice versa. Usage
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
usage: pyrasite [-h] [--gdb-prefix GDB_PREFIX] [--verbose] [--output OUTPUT_TYPE] pid [filepath|payloadname] pyrasite --list-payloads pyrasite - inject code into a running python process positional arguments: pid The ID of the process to inject code into filepath|payloadname The second argument must be a path to a file that will be sent as a payload to the target process or it must be the name of an existing payload (see --list-payloads). optional arguments: -h, --help show this help message and exit --gdb-prefix GDB_PREFIX GDB prefix (if specified during installation) --verbose Verbose mode --output OUTPUT_TYPE This option controls where the output from the executed payload will be printed. If the value is 'procstreams' (the default) then the output is sent to the stdout/stderr of the process. If the value is 'localterm' then the output is piped back and printed on the local terminal where pyrasite is being run. --list-payloads List payloads that are delivered by pyrasite For updates, visit https://github.com/lmacken/pyrasite |
You can download pyrasite here: pyrasite-2.0.zip Or read more here.