
Piero Bosio Social Web Site Personale

Social forum federated with the rest of the world. Instances don't count, people do.

I'm resurfacing


The last eight messages received from the Federation
  • @evan Oooh, you caught a new Teeny Void Demon in the cat trap! What a perfectly seasonal addition to the family, congrats.

    And welcome, Corvus! My black-but-for-that-silly-pointing-mutation Sudo sez "YOOOOWWWWWLLLOOOOooooo".


  • Making a Virtual Machine Look like Real Hardware to Malware

    Running suspicious software in a virtual machine seems like a basic precaution to figure out whether said software contains naughty code. Unfortunately it’s generally rather easy to detect whether or not one’s software runs inside a VM, with [bRootForce] going through a list of ways that a VirtualBox VM can be detected from inside the guest OS. While there are a range of obvious naming issues, such as the occurrence of the word ‘VirtualBox’ everywhere, there are many more subtle ways too.

    Demonstrated is the PoC ‘malware’ application called Al-Khaser, which can be used to verify one’s anti-malware systems, such as when trying to unleash a debugger on a piece of malware, run it inside a VM, along with many more uses. Among its anti-virtualization features are specific registry key names and values, file system artefacts, directory names, MAC addresses, virtual devices, etc.

    In order to squeeze by those checks, [bRootForce] created the vbox_stealth shell script for Bash-blessed systems in order to use the VirtualBox Manager for the renaming of hardware identifiers, along with the VBoxCloak project’s PowerShell script that’s used inside a Windows VirtualBox guest instance to rename registry keys, kill VirtualBox-specific processes, and delete VirtualBox-specific files.

    Theoretically this should make it much harder for any malware to detect that it’s not running inside Windows on real hardware, but as always there are more subtle ways that are even harder to disguise.

    youtube.com/embed/-On6bWFXuM8?…

    hackaday.com/2025/10/27/making…

  • On that note, we have a new member of our family. His name is Corvus. He is smol but mighty. We like him a lot. /cc @maj @amita @Stavro

  • @evan Can I write it in PHP as long as I call the python library somehow?


  • All the psychodramas at Apple over AI

    The article comes from and is reshared on the Lemmy community @informatica
    Caught off guard by Trump, who forced it to direct 500 billion into development plans in the US, Apple continues to struggle on the AI front. Siri, after so many delays, certainly can no longer miss the debut of the next

  • Are you on the Fediverse because you love social networking, or because you hate social networking?


  • It's for Computer Networking. I have to write a processor that takes a bespoke CSV format for firewall rules and turns them into calls to OpenFlow using a Python library called pox.
