DanaBot Communications Update Since the last blog post from Proofpoint about the version 4 of DanaBot, the new samples available i... 2021-09-21 01:00:00 | 阅读: 21 | 收藏 | blog.lexfo.fr a77 t7ps p9z y9z b77

Dridex Loader Analysis IntroductionDridex is an old banking Trojan that appeared in 2014 and is still very active today. Th... 2021-04-07 01:00:00 | 阅读: 91 | 收藏 | blog.lexfo.fr crc32 mutex windows arc4 dridex

Lockbit analysis IntroductionIn this article, we will talk briefly about the LockBit features and focus on the differ... 2020-10-03 01:00:00 | 阅读: 67 | 收藏 | blog.lexfo.fr assignblk 0x423ee0 memory buff instr

Pentesting a banking FTP service IntroductionA classical penetration test requires skills to assess a large variety of weaknesses, of... 2020-03-25 02:00:00 | 阅读: 68 | 收藏 | blog.lexfo.fr parm lit payload allo sig

Whitepaper: The Lazarus Constellation - A study on North-Korean malware For years, Lazarus activities were seen as acts of cyberterrorism and vandalism, since most of them... 2020-03-09 22:00:00 | 阅读: 52 | 收藏 | blog.lexfo.fr whitepaper acts destruction lexfo download

CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 1/4) This series covers a step-by-step walkthrough to develop a Linux kernel exploit from a CVE descripti... 2018-10-02 13:00:00 | 阅读: 50 | 收藏 | blog.lexfo.fr netlink mq sigev attachskb fget

CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 2/4) The previous article provided a detailed analysis of the CVE-2017-11176 bug (aka. "mq_notify: double... 2018-10-02 13:00:00 | 阅读: 52 | 收藏 | blog.lexfo.fr netlink unblock wake attachskb 15981

CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 3/4) In the previous article, we implemented a proof-of-concept that triggers the bug from userland, drop... 2018-10-02 13:00:00 | 阅读: 47 | 收藏 | blog.lexfo.fr netlink slab kmalloc cmsg

CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 4/4) In this final part, we will transform the arbitrary call primitive (cf. part 3) into arbitrary code... 2018-10-02 13:00:00 | 阅读: 51 | 收藏 | blog.lexfo.fr netlink nl userland memory hlist