
Files from Emeric Nasi

Real Name: emeric nasi
Email address: emeric.nasi at sevagas.com
Website: blog.sevagas.com
First Active: 2010-09-29
Last Active: 2020-11-28
Weaponize GhostWriting Injection - Code Injection Series Part 5
Posted Nov 28, 2020
Authored by Emeric Nasi

Whitepaper called Weaponize GhostWriting Injection. This is part 5 of a 5 part series of papers.

tags | paper
SHA-256 | 3d099a69228585c470a148ebe081be2da6d34c0d0dfd0ebd47cfdcc1cef8b097
Disable Dynamic Code Mitigation (ACG) - Code Injection Series Part 4
Posted Nov 28, 2020
Authored by Emeric Nasi

Whitepaper called Disable Dynamic Code Mitigation (ACG). This is part 4 of a 5 part series of papers.

tags | paper
SHA-256 | d6f9a7c37019c5bda76e8bcb2576b76d7396ed3886e915eba4a11c4457397857
Exploit WNF Callback - Code Injection Series Part 3
Posted Nov 28, 2020
Authored by Emeric Nasi

Whitepaper called Exploit WNF Callback. This is part 3 of a 5 part series of papers.

tags | paper
SHA-256 | 9664b39e787231b3245fe5981dad6081e60b1c547f615b949c49188c2fdc68ac
Bypass Start Address Protection - Code Injection Series Part 2
Posted Nov 28, 2020
Authored by Emeric Nasi

Whitepaper called Bypass Start Address Protection. This is part 2 of a 5 part series of papers.

tags | paper
SHA-256 | 7f1148363cdafe6c6302691edd3a5e745e18c1d0354d7e0941671b45c94136f8
Process PE Injection Basics - Code Injection Series Part 1
Posted Nov 28, 2020
Authored by Emeric Nasi

Whitepaper called Process PE Injection Basics. This is part 1 of a 5 part series of papers.

tags | paper
SHA-256 | e3f44c53dd19c10cacae6e12195ca0fa90ddcf9a48ae331f25cacf335673f889
Macro Pack 1.1
Posted Oct 13, 2017
Authored by Emeric Nasi | Site github.com

macro_pack is a tool used to automate obfuscation and generation of MS Office documents for penetration testing, demo, and social engineering assessments. The goal of macro_pack is to simplify bypassing anti-malware solutions and automate the process from vba generation to final Office document generation.

tags | tool
SHA-256 | c5edcba25cf4be512a120d75fc22584e2d4ff925ce78cd23d96e4c714d629695
Swap Digger 1.0
Posted Aug 8, 2017
Authored by Emeric Nasi

swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purposes. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc.

tags | tool, web, bash
systems | linux, unix
SHA-256 | 53147e0cf82da4bdc5ee73a8bc75667f3afd51f62351d8d4a1ef19fbcbf6f22f
My VBA Bot
Posted Jul 11, 2016
Authored by Emeric Nasi

Whitepaper called My VBA Bot - Writing Office Macro FUD encoder and other stuff.

tags | paper
SHA-256 | cd3df45647920f0daf5fc401196c033c74794ce9607f20e3bb7bc0fa00433fdd
Bluffing Network Scan Tools
Posted Dec 7, 2015
Authored by Emeric Nasi

Whitepaper called Bluffing Network Scan Tools - What You See May Not Be What You Get. This is a little paper to remind people that results from automatic tools are always interpretations of incoming data. Tools expect a certain behaviour from systems, and will make some assumptions. If you do not know this, you may be fooled by false positives or, worse, lose your valuable time.

tags | paper
SHA-256 | 5d150e80887b974f0f88fa3e467f154bc6418ef8b8d2e211081dd93297989286
Linux splice_write Kernel Panic
Posted Apr 11, 2015
Authored by Emeric Nasi

The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem. This is proof of concept code that triggers the kernel panic.

tags | exploit, denial of service, kernel, local, proof of concept
systems | linux
advisories | CVE-2014-7822
SHA-256 | 7020e5cb8eb79147f24ae47ba61603cfdfc59462bdfbc98295dfc6b21c5a9a40
Linux CVE-2014-9322 Proof Of Concept
Posted Mar 2, 2015
Authored by Emeric Nasi

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space. This is a POC to reproduce the vulnerability. No exploitation here, just a simple kernel panic.

tags | exploit, x86, kernel, local
systems | linux
advisories | CVE-2014-9322
SHA-256 | 4af67f178eb58a164b5111e77b240cd7ee040f47573670c05d5a9905efc16e21
Linux CVE-2014-4943 Proof Of Concept
Posted Mar 2, 2015
Authored by Emeric Nasi

The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. This is a POC to reproduce the vulnerability. No exploitation here, just a simple kernel panic.

tags | exploit, kernel, local
systems | linux
advisories | CVE-2014-4943
SHA-256 | a61882d75d8479cc731747b0d2682c513a28bb1ec35244e7dadceb22767f2277
Linux CVE-2014-3631 Proof Of Concept
Posted Mar 2, 2015
Authored by Emeric Nasi

The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2014-3631
SHA-256 | aa1298ddf2533503468e7415c2de8808d48b8fac52f00905dd6dbef860a455f8
Bypass Antivirus Dynamic Analysis
Posted Aug 25, 2014
Authored by Emeric Nasi

In this paper the author describes AV methods and focuses on how to fool antivirus emulation systems. They set themselves a challenge to find half a dozen ways to bypass AV dynamic analysis by using a fully undetectable decryption stub.

tags | paper, virus
SHA-256 | ac72453c0063b45b72cc8060aab4c417bf781a5eebbe61cae50fb5c93dc9c3c7
PE Injection Explained
Posted Apr 14, 2014
Authored by Emeric Nasi

Whitepaper called PE Injection Explained. Injecting code into other process memory is generally limited to shellcodes, either to hide the shellcode from Antivirus or to inject a DLL. The method described here is more powerful and enables you to inject and run a complete PE module inside another process' memory, including the possibility to call any system or runtime API with plain C++. It relies only on documented features and C++, no assembly knowledge required.

tags | paper, shellcode
SHA-256 | 3f9c36022b09f6b3441e15b7fa94326ee950d204371a442571a58498d27b505c
Glyptodon File System Analyzer 1.2
Posted May 9, 2011
Authored by Emeric Nasi

Glyptodon is a little file-system analyzer for Linux systems. It is written in bash and it comes with an installer to make it run automatically every day. This script writes some general information about file permissions, sockets, ownership, etc. It also checks the file-system for potential risks, such as set-uid files, world writable files, symlinks, nouser files, etc.

tags | tool, bash
systems | linux, unix
SHA-256 | 0c9a68bfb2e52bdc81f2316f067d7f264897eb737ada4467537a3e3f11c576b8
Exploiting Capabilities - Parcel Root Power, The Dark Side Of Capabilities
Posted Sep 29, 2010
Authored by Emeric Nasi

Whitepaper called Exploiting Capabilities - Parcel Root Power, The Dark Side Of Capabilities. It dives into the dangers linked to POSIX file capabilities supported in Linux kernel versions greater than 2.6.26.

tags | paper, kernel, root
systems | linux, osx
SHA-256 | 21d1099e6762feb810c2eaf486c7b8a5ecb81544dbea93148c03858a9d0eaf08
© 2022 Packet Storm. All rights reserved.