Jonas L
@jonasLyk
Followers: 19K | Following: 127 | Media: 834 | Statuses: 4K
Presenting D-Generate, syscall tracing as it's supposed to be! https://t.co/8qXjp9R381
usage:
dg cmd.exe - displays all syscalls done by process with cmd.exe as imagefile.
dg 4736 - by pid 4736
dg - just everything
example of recording: https://t.co/eJbbFHUX5C
I live 3 hour drive to nearest person I know and got no car - I can't call taxi, so everything very difficult atm
just so you all know - all my devices been hacked, I can't get a new phone - everything is terrible and I can't do anything, I can't even get on discord
I never heard about it getting fixed - but looking at the old post now I see it say fixed - could it be a fix that blocked the append to the ..sys so it became all 0x00 that caused mayhem maybe?
So - appended 1 byte to the agent sys file - next boot signature mismatch and crowdstrike no longer loaded
Just throwing this out there: https://t.co/oHsMJFTYlS Around 2 years ago I got access to a pc with crowdstrike first time. I quickly discovered that the minifilter did not catch when open file only with append access
@rad9800 @jonasLyk My understanding is if you right-click on FileTest.exe, select 'Run As Administrator,' accept the UAC prompt, then navigate to CSAgent.sys (or any other driver in System32) you will be able to open it. If you want to DM on expectations, we can chat it out :)
i am not trying to argue whether or not Admin -> Kernel should be a security boundary (though based on their own design decisions imo it should be 🤷🏻♀️ ). It’s up to them! I just find interacting w MSRC to be degrading and prefer to avoid it when possible
Just completely remade the Harden Windows Security module/script's GUI
Still have more plans and customizations in mind
Check it out and any feedback is welcome! (❤️ ω ❤️) https://t.co/lfd3SaDvvM
Music: DPR IAN - Don't Go Insane
#CyberSecurity
sdk somehow always manages to be concluded relevant in any search - I am not a rustcoder or a catgirl, what's going on how did it become so bad
I am not the only one that experiences this according to discord - google and bing are by now useless for finding examples of using windows api - it's been downhill a while, but now it's simply useless, I don't know if it's ai generated that beats seo algos or why the fucking rust
an archive of the lnk file - maybe the location it points at in the sane folder is what I'd expect
To be honest I find it way more interesting that it is possible with specific unicodes and alternating LTR and RTL have text transform on each "paste" such that you possibly can introduce entropy loss from known value to detect how many times copied
After all the shit- still trying to make work for free for them...
I'm kinda done with security research - and I'm definitely done with ms - but whatever is going on here could be worth a look.....
Even better now - I added default to 0, so now when the cast is wrong the scope where it's used is skipped