25 Aug 2024 · 40 min
Author : Viking
In the previous blogpost - Fixing (Windows Internals) Meminfo.exe - we dig into the tool Meminfo.exe from Windows Internals Book highlighting “FileInfo requests”. I suggest you take a look at some details about another type of request named “SuperFetchQuery” which can be useful for some scenarios like Red Team / Privesc, Pentest, Exploit Dev or Maldev. Let’s take a look !
Read more →
05 May 2024 · 10 min
Author : Viking
A while ago I started to read Windows Internals books. I’ve discovered Meminfo.exe tool that allows to retrieve information about physical & virtual memory.
Some options did not give any output / crash the program, after MemInfo source code analysis and fileinfo.sys driver reversing I found some quick (and dirty) fixes. Maybe it can help if someone encounter the same issues.
Read more →
11 Feb 2024 · 10 min
Author : Viking
In this short blogpost we will discuss how named pipes and Powershell oneliners could be used for creating Windows bind / reverse shell using Windows SMB port.
Read more →
23 Aug 2023 · 11 min
Author : Viking
After the sandstorm it’s time for the blizzard ! The well-known EDRSandblast tool is a fantastic code base for Windows kernel investigating purpose, after several modification I decided to fork this project and wanted to share details about this with the community.
Read more →
05 Jul 2023 · 8 min
Author : Viking
Here are some notes for Windows drivers reverse enginering noob. This topic is already covered and you can find many resources on Internet, here we will use IDA and GHIDRA and observe differences.
Read more →
27 Oct 2021 · 16 min
Author : Viking
The previous post exposes how to create a weaponized driver. How can we load this unsigned drivers into the Windows kernel bypassing Driver Signing Enforcement (DSE) ? Here are some details about that.
Read more →
28 Nov 2020 · 12 min
Author : Viking
For a long time I was wondering how to pwn embedded (or IoT) devices. I managed to get a root shell on my old LG HR 598 Bluray player, here is some notes about my hardware hacking journey.
Read more →
16 May 2020 · 19 min
Author : Viking
During my journey into the Windows Kernel I found interesting to create a tool to elevate any process to SYSTEM using a driver. Here are some details about that.
Read more →