Making a Virtual Machine Look like Real Hardware to Malware
Running suspicious software in a virtual machine seems like a basic precaution to figure out whether said software contains naughty code. Unfortunately it's generally rather easy to detect whether or not one's software runs inside a VM, with [bRootForce] going through a list of ways that a VirtualBox VM can be detected from inside the guest OS. While there are a range of obvious naming issues, such as the occurrence of the word "VirtualBox" everywhere, there are many more subtle ways too.
Demonstrated is the PoC "malware" application called Al-Khaser, which can be used to verify one's anti-malware systems, for example when attaching a debugger to a piece of malware or running it inside a VM, along with many more uses. Among its anti-virtualization features are checks for specific registry key names and values, file system artefacts, directory names, MAC addresses, virtual devices, etc.
In order to squeeze by those checks, [bRootForce] created the vbox_stealth shell script for Bash-blessed systems, which uses the VirtualBox Manager to rename hardware identifiers, along with the VBoxCloak project's PowerShell script that's used inside a Windows VirtualBox guest instance to rename registry keys, kill VirtualBox-specific processes, and delete VirtualBox-specific files.
Theoretically this should make it much harder for any malware to detect that it's not running on Windows on real hardware, but as always there are more subtle ways that are even harder to disguise.
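As an added example of the host-side half of this (not the vbox_stealth script itself), the following sketch shows how the DMI/SMBIOS, disk and MAC identifiers of a powered-off VM can be rewritten through VBoxManage's documented extradata keys; the VM name, the replacement strings and the choice of NIC 1 are assumptions, and DRY_RUN=1 prints the commands for review instead of running them.

```shell
# Added example, not the vbox_stealth script itself: rewrite the VirtualBox
# identifiers that guest-side checks read from the SMBIOS/DMI tables and the
# ATA IDENTIFY data. The VM must be powered off. The replacement strings are
# made up here; use values copied from a physical machine you own.
# With DRY_RUN=1 the VBoxManage commands are printed instead of executed.

# One "KEY=VALUE" per line. The keys are VirtualBox extradata settings
# from the VirtualBox manual (pcbios = DMI, piix3ide/ahci = disk identity).
STEALTH_SETTINGS='
VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor=American Megatrends Inc.
VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVersion=F12
VBoxInternal/Devices/pcbios/0/Config/DmiSystemVendor=Gigabyte Technology Co., Ltd.
VBoxInternal/Devices/pcbios/0/Config/DmiSystemProduct=B450M DS3H
VBoxInternal/Devices/pcbios/0/Config/DmiBoardVendor=Gigabyte Technology Co., Ltd.
VBoxInternal/Devices/pcbios/0/Config/DmiBoardProduct=B450M DS3H
VBoxInternal/Devices/piix3ide/0/Config/PrimaryMaster/ModelNumber=Samsung SSD 860 EVO 500GB
VBoxInternal/Devices/piix3ide/0/Config/PrimaryMaster/SerialNumber=S3YZNB0K123456A
VBoxInternal/Devices/piix3ide/0/Config/PrimaryMaster/FirmwareRevision=RVT04B6Q
VBoxInternal/Devices/ahci/0/Config/Port0/ModelNumber=Samsung SSD 860 EVO 500GB
VBoxInternal/Devices/ahci/0/Config/Port0/SerialNumber=S3YZNB0K123456A
VBoxInternal/Devices/ahci/0/Config/Port0/FirmwareRevision=RVT04B6Q
'

# Execute the given command, or in dry-run mode print it with every argument
# single-quoted so values containing spaces stay readable.
run_or_print() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf "'%s' " "$@"
    printf '\n'
  else
    "$@"
  fi
}

# Apply every setting to the named VM, then replace the 08:00:27 VirtualBox
# OUI on NIC 1 with a made-up, locally administered MAC (assumed NEW_MAC).
apply_stealth_settings() {
  vm="$1"
  printf '%s\n' "$STEALTH_SETTINGS" | while IFS= read -r entry; do
    [ -n "$entry" ] || continue
    run_or_print VBoxManage setextradata "$vm" "${entry%%=*}" "${entry#*=}"
  done
  run_or_print VBoxManage modifyvm "$vm" --macaddress1 "${NEW_MAC:-0A1B2C3D4E5F}"
}

# Number of identifiers that will be rewritten (handy for sanity checks).
count_stealth_settings() { printf '%s\n' "$STEALTH_SETTINGS" | grep -c '='; }
```

Running `DRY_RUN=1 apply_stealth_settings analysis-vm` lists the commands without touching the VM; afterwards, `VBoxManage getextradata analysis-vm enumerate` shows what was actually stored.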
youtube.com/embed/-On6bWFXuM8?…
hackaday.com/2025/10/27/making…