Und3rf10w

My random rants and ravings

Shlyuz Implant Framework: Part 3 - Initial Release Usage

2022-08-21

Part 1 of this series dove into the influences of Shlyuz. Part 2 of this series dove into the architecture and research of the communication and crypto model. This part hopes to provide a quickstart guide for the current iteration of the released codebase.

Shlyuz Implant Framework: Part 2 - Communication and Encryption

2022-01-19

Part 1 of this series dove into the influences of Shlyuz. This part will dive into the Shlyuz communication protocol and the way cryptography is used.

Shlyuz Implant Framework: Part 1 - Influences

2022-01-08

Overview

I’m excited to finally discuss and share the Proof-of-Concept code for an implant framework I wrote called Shlyuz (шлюз). Shlyuz takes a number of design cues from the Assassin Implant developed by the Central Intelligence Agency as described in the Vault7 Leak from WikiLeaks. Some additional inspirations were taken from other projects and presentations, such as the excellent Flying a False Flag presentation from Blackhat 2019 by Nick Landers, among others.

Tales from the Terminal: Silly Sudo Backdoors

2022-01-07

Overview

I once encountered a situation where I had local, unprivileged user access to a Linux server, and desired to escalate privileges. The server had a number of security monitoring solutions on it (e.g. EDR, shell history auditing), and normal methods that one would rely on to escalate privileges were failing. For example:

Hello World

2022-01-05

It’s time. I’m gonna give blogging another shot. No more fear.