Category : linux

I start a gdb session in the background with a command like this: gdb --batch --command=/tmp/my_automated_breakpoints.gdb -p <pid_of_proces> &> /tmp/gdb-results.log & The & at the end lets it run in the background (and the shell is immediately closed afterwards as this command is issued by a single ssh command). I can find out the pid ..


I’m working on obtaining a unique hardware fingerprint on a host through WMI. However, I found that this approach was so vulnerable. There are at least two attack vectors: attack on kernel space by memory manipulation (https://github.com/Alex3434/wmi-static-spoofer); attack on user space by dll-hooking (https://dzone.com/articles/windows-api-hooking-and-dll-injection). Eventually, I survey the TPM technique as a hardware identification solution. ..
