
Hack_Char's Blog

ST9 Readout Protection Bypass PoC

The ST9 family of microprocessors is pretty old, and currently end-of-life. They can still be found in devices being sold though. One thing that really intrigued me is that the approach to programming them involves loading a program into the microprocessor memory and executing it. The commercial programmer for these devices is no longer available. Also, it looks like it ran in MS-DOS. So, I made my own using an Arduino Uno.

NetworkManager Over RDP

Using a Debian VM over RDP. I did not find a suitable answer to this elsewhere, so I’ve decided to document it here - how do you correctly use NetworkManager in a Debian VM when you’re accessing it over RDP? For this example it is a Debian VM using XFCE, and let’s assume you’ve installed the OpenVPN plugin using "sudo apt install network-manager-openvpn-gnome/stable". From an otherwise clean install, you could access the OpenVPN plugin from the widget on the panel and you’ll see, as expected:

Basic Windows Shellcode Loader

Shellcode Loader. I just put together a basic Python script to generate a Windows shellcode loader. It uses mingw to cross-compile, to make it easy to generate and update the loader without needing a Windows OS. Note that the included sleep and obfuscation techniques are WELL SIGNATURED and MS Defender will detect the loader as-is. It’s up to a user to figure out what they need for their own uses.

Introduction to Logging with Fluent-Bit and OpenSearch

I’m planning on a talk discussing open-source C2 (command & control) frameworks like Havoc and Mythic. To be complete, there really needs to be a good environment to test and demonstrate against. And to be thorough, this environment should at least have some basic security controls in place. As I keep finding poor documentation online, these blog posts will help to consolidate some lessons learned. Logging. Logging is the most critical security control to implement.

HavocC2 Donut Plugin

Havoc C2 plugin for Donut. I just made a Havoc C2 plugin to help spawn donut-generated shellcode into a new process. Will add some more features as time permits - really wanted this to help out with a ‘bypassing EDR’ talk I’m planning for next month. There’s a Python plugin for the main and dev branches in the Havoc-Donut plugin repository. Make sure to use a Havoc C2 dev branch that contains this pull request.

OpenStack Containers

If you’re just trying to play around with OpenStack, definitely look at DevStack first. Before I go into any significant detail, here’s my current OpenStack (2023.1) configuration: Docker-Compose and general setup is documented in GitLab. It will pull a single minimized Docker image (~600MB) from my DockerHub. Why Containers? I’ve found that packaging my OpenStack configuration inside containers helps organize and revision control my OpenStack setup quite well. A number of containers will be privileged or use host networking - if you’re going to use openvswitch and qemu, it’s going to be privileged.