Can’t run Robocopy locally in backup mode (/b & /zb) when logged in as a domain admin. Have tried adding it to Backup Operators groups (local & domain), and disabling UAC on the local machine, but no difference. Source: Windows..
Windows contains important files with hashed passwords for all OS accounts, encryption key data, and other important information. All this is stored in SAM, SECURITY and SYSTEM: C:\Windows\System32\config\sam C:\Windows\System32\config\security C:\Windows\System32\config\system The essence of the vulnerability is that if you perform a shadow copy of these files in any way, you will be able to read ..
In Windows, we can monitor executed commands in various ways, such as monitoring process creations with a kernel driver callback and checking if the parent is CMD or PowerShell, then parsing its command line to see what command has been executed. My question is, how to do this in Linux? Meaning, how can I write ..
In the installation page for Trivy there is no mention of Windows. I have Docker for Windows installed so the Docker method looks promising but there are a couple of things I’m not sure of: What should I set the cache directory to? Will I need to "mount docker.sock"? And if so, will I need ..
In Windows driver development, we have minifilters to protect valuable files in its pre write/setfileinformation callbacks, to protect files for example against ransomware attacks. My question is, what is the equivalent of this in Linux? I assume it's only possible in kernel mode, but if it is also possible in the user mode of Linux, ..
There is a program that has its own scripting language that can call external .dll files (.NET) for extra functionality and algorithms. The program connects back to its server for DRM on a regular basis. My concern is, can the program secretly decompile my custom .dll file to learn its source code and send it ..
I’m developing a Windows Forms app (C++) in order to collect data (and other functionalities) from machines which are installed in customers’ warehouses. The app displays the information that is being gathered in runtime and stores it in our cloud database. In order to access the database I need to store the connection string (and ..
This is bizarre, almost the kind of thing that acts as a dream check. Whenever I copy and paste the following string: ‘reducedTransparencyFallbackColor’, either on its own or as part of a greater selection, it pastes as a random string which looks something like this: rLKVFk3lf9GjskqfjXWsFJdIeAmAogg6dk (note that I "scrambled" the above, in case the ..
I am writing a program that grades PCs based on their security measures. The data collecting portion of the project in PowerShell works well, but I am having trouble with the Python. I decided that I would approach this problem in an OOP way, as such, I defined the "Machine" class as follows: class Machine: ..
Context: I have a client app (a compiled NodeJS app that can run on Windows, Mac, Linux), in which I authenticate the user via the browser, and then store the authentication token (JWT, typically valid for a few hours) in a file ~/.myapp/auth-token. This is to avoid having to log the user in each time ..