legal contact
 

(relaunch) News that I was reading/talking about in 2023

Find below the topics and news I took care about while trying to follow things that go on in the world while I was not looking.

13/03/2023 18:04

Get the hash although the Defender Credential Guard is active

Oliver Lyak wrote a scarry post at medium.com on how to get the hash from memory although the Windows defender protects it.


13/03/2023 17:57

bypassing asymetric client side encryption

medium.com if offering a writing by Sourav Kalal on how to bypass an asymetric client side encryption using, chrome, burp and PyCrypt.

"The only possible solution I was able to figure out was using the Chrome override feature with PyCript configured in Burp Suite. The Chrome browser allows us to edit the JavaScript file and load the JavaScript file from the local system. We can use it to modify our application JavaScript file to send a plain text request instead of an encrypted request."

13/03/2023 17:50

Building a chatbot based on you personal documents

For those that can't resist providing personal information to an outside storage, medium.com offers an article on how to feed CPT3.5 with your personla documents and have them computed to chat about it with the AI.


13/03/2023 17:42

A parts bin for satellite enumeration

Although hackaday calls this artikel a bin for satellite "hacking", I'd rather go for satellite enumeration, as others would not be legal.

Hence this is for educational purpose only to see some cool gadgets and ideas to enumerate satelite communication.

12/03/2023 16:57

Remcos RAT

In an article about a RAT, DarkReading writes how a (quite) old method is used to bypass UAC. So called mock directories are used. A corresponding "basics article" is also linked. You should definitely read it to check the SIEM for such patterns of "shadow directories"