
Posts by -SpectraL

  1. -SpectraL coward [the spuriously bluish-lilac bushman]
    Ms. Chamberlain was reported to have pronounced the word, "ate" as "ette", resulting in the more exact quote of "The dingo 'ette' my baby."
  2. -SpectraL coward [the spuriously bluish-lilac bushman]
    2. no. if for some reason we DID use encryption algorithms that lost or modified data within the container, it would break the internal file format and no longer function correctly as an executable…..

    That's just not true, aldra. Even if you break the internal file format, that doesn't automatically mean it will no longer function. Like I said before, some parts of the code will be broken, but some parts will still function. I've already fully tested this concept.
  3. -SpectraL coward [the spuriously bluish-lilac bushman]
    Captain Falcon looks exactly like Dfg.
  4. -SpectraL coward [the spuriously bluish-lilac bushman]
    It doesn't matter how you use it. What makes it undetectable is the operation of the crypter itself. I'm not saying it's impossible to use multiple crypters/packers/whatever, it's just redundant.

    What's more if your packer just compresses the executable it doesn't matter if you use ten of them because heuristics analyzes the behavior of the program. ..

    Not true. It DOES matter. When you encrypt something which is already encrypted, strange artifacts begin to appear in the result. You have only begun to scratch the surface of the evil dark side, oh, Obe Wan Kanobee... or should I say, Chester the Molester.
  5. -SpectraL coward [the spuriously bluish-lilac bushman]
    AV scanners are only programmed to detect threats within standalone packing, but are not able to detect threats within certain combinations of packers. That is a fact, Chester. They won't say as much as "boo", even when heuristic scanning is specified.
  6. -SpectraL coward [the spuriously bluish-lilac bushman]
    Sure, no contest here. This is what packers and crypters are for broadly speaking.

    Cryptors and packers are added to the scanner definitions and detected as suspicious as fast as they come out. It's not the packer or cryptor that makes the old trojan FUD again, it's the way you use the cryptors/packers. The scanners are not designed to detect packed files which have been packed using a variety of different packers in a certain order.
  7. -SpectraL coward [the spuriously bluish-lilac bushman]
    You've been living under this delusional and clearly purposeful ignorance of the browser security model literally for years. Like yeah, maybe back in the 90s when IE was the only browser with a real commercial market share and more bugs than you should share a stick at but nothing you've ever fumbled to describe has been meaningful in the context of browsers made this decade.

    Old tricks can be made brand new again, with a little thinking outside the box. You of all people should know this.
  8. -SpectraL coward [the spuriously bluish-lilac bushman]
    That's really not how it works.

    Be that as it may, I can convert any detectable trojan or virus into a completely FUD trojan or virus, simply by mixing encryption/packing methods. I've already done it many times and tested the result on major scanners with the latest definitions. Not detected by any, and most of the main functions still work.
  9. -SpectraL coward [the spuriously bluish-lilac bushman]
    There are constructor kits out there which allow you to embed an executable file of your choice into a standard .html document using HEX, VB and shellcode. When the .html is loaded in the browser, the executable file is built "on-the-fly" into the target machine's temp folder and launched from that location. That is not outside the scope of this conversation.
  10. -SpectraL coward [the spuriously bluish-lilac bushman]
    wow, no…

    C'mon, now.
  11. -SpectraL coward [the spuriously bluish-lilac bushman]
    Yeah the thing is, all code is executable on the condition you don't have any errors.

    Not true. Even if the executable code produces errors, it can still be executable. Just think of PIDs. You can have a situation where some of the PIDs produced by the executable file can be broken, while others can still function normally. In some cases, you'd actually want errors, because the scanner is looking for code which produces no errors, backwards as that sounds. For example, if you take an old rootkit (which virus scanners already easily detect), and then run it through UPX, and then run it through ASPack, then run it through UPX again, that breaks SOME of the sub processes on the executable program, while leaving other sub processes fully functional, because certain sections of the program's code get all garbled from using the different packing methods back and forth. The virus scanner then passes right over it, even though a good majority of the code is still known viral code. The scanner doesn't want to produce a possible false positive, so it allows it. Meanwhile, the main process and some of the sub processes may still work... ie: opening port, calling home, replicating, etc. So yeah, even if the executable code is producing errors, it can still be executable.


    [edit]

    Lanny?
  12. -SpectraL coward [the spuriously bluish-lilac bushman]
    …currently a post-mental breakdown hikikomori who's too resistant/afraid to form human relationships…

    Having sexual intercourse with cats will do that to you.
  13. -SpectraL coward [the spuriously bluish-lilac bushman]
    What is it Spectral, an executable or code?

    Executable code is a type of code, you child rapist. Executables are executable files.

    Hey, Chester. Have you ever heard of what's called an executable stub? Pretty neat little idea. What you do is bind a small "stub" to the beginning of the executable file, so that when your script builds the .exe from the shellcode, it builds the bound stub as well. Then the executable can perform customized operations on the target machine, depending on how you program the stub to handle its processes.
  14. -SpectraL coward [the spuriously bluish-lilac bushman]
    All the Bernie and Hillary supporters look like they're seriously mentally retarded.
  15. -SpectraL coward [the spuriously bluish-lilac bushman]
    That son of a bitch.

    He's definitely tricky.
  16. -SpectraL coward [the spuriously bluish-lilac bushman]
    Have the cops come to your door yet asking to look at the cheeses?
  17. -SpectraL coward [the spuriously bluish-lilac bushman]
    Hey, spectroll, if I showed you an example of a buffer overflow attack where the payload could be larger than 7KB would you admit you were wrong?

    Go right ahead, Lannykins. Prove me wrong.

    Sure, you can write it, but that doesn't mean it will work. The reason for the limitation is because, after 7kb, the script may not run at all, and if it does, it may crash or only partially execute. For the script to be stable, the injected executable code must be under 7kb.
  18. -SpectraL coward [the spuriously bluish-lilac bushman]
    It's amusing that I discussed these exact topics years ago back on Totse, and everyone snickered and laughed and scoffed. "You can't use HEX in a drive-by injection script!!", they said. "Machine code won't work!!", they said. "ASM and VB is for kids!!", they said. Now it's all the rave.
  19. -SpectraL coward [the spuriously bluish-lilac bushman]
    Actually, it is more like 6 Billion connections per page.

    The majority of websites will hold your desired connection hostage, unless you first jump through their hoops. Used to be a day where we were proud of the notion that the Web was a free and open platform for the unaccosted exchange of worldwide information. Now it's just a personal circlejerk for a bunch of cute little useless fucks.
  20. -SpectraL coward [the spuriously bluish-lilac bushman]
    "A dingo ate my baby." ~ Lindy Chamberlain
