Hiding malware payloads inside Windows event logs.
“... Write-EventLog ... Get-EventLog ... binary data can hold up to 32kb of data, that means we can even store sophisticated large payloads of empire, Meterpreter ...”
https://medium.com/@5yx/windows-event-log-to-the-dark-side-storing-payloads-and-configurations-9c8ad92637f2
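
A defender-side hunt for the storage technique quoted above, as an added example that is not from the linked article: it lists classic event log entries whose binary data field is unusually large or starts with an executable header. The function name `Find-LargeEventData` and the `$MinBytes` and `$Newest` thresholds are assumptions; it needs Windows PowerShell 5.1, since `Get-EventLog` is not available in PowerShell 7.

```powershell
# Added example: flag event log entries carrying large binary data.
# Hypothetical helper name and thresholds; tune them to your own baseline.
function Find-LargeEventData {
    param(
        [int]$MinBytes = 1024,   # assumed threshold: most legitimate entries carry little or no binary data
        [int]$Newest   = 5000    # assumed depth: how many recent entries to scan per log
    )
    $sha256 = [System.Security.Cryptography.SHA256]::Create()
    foreach ($log in Get-EventLog -List) {
        try {
            # Throws on empty logs and on logs the caller cannot read (e.g. Security without admin)
            $entries = Get-EventLog -LogName $log.Log -Newest $Newest -ErrorAction Stop
        } catch {
            Write-Verbose "Skipping log '$($log.Log)': $($_.Exception.Message)"
            continue
        }
        foreach ($e in $entries) {
            $data = $e.Data      # byte[] from the entry's binary data field
            if ($null -eq $data -or $data.Length -lt $MinBytes) { continue }
            # 'MZ' (0x4D 0x5A) at offset 0 is the DOS/PE executable header
            $looksLikePE = ($data[0] -eq 0x4D -and $data[1] -eq 0x5A)
            $hash = [BitConverter]::ToString($sha256.ComputeHash($data)) -replace '-', ''
            [pscustomobject]@{
                Log           = $log.Log
                TimeGenerated = $e.TimeGenerated
                Source        = $e.Source
                EventID       = $e.EventID
                DataBytes     = $data.Length
                LooksLikePE   = $looksLikePE
                Sha256        = $hash
            }
        }
    }
    $sha256.Dispose()
}

# Largest blobs first; review unfamiliar Source values and any LooksLikePE hits
Find-LargeEventData -MinBytes 1024 |
    Sort-Object DataBytes -Descending |
    Format-Table -AutoSize
```

A payload stored in encoded or encrypted form will not show the `MZ` header, so treat `DataBytes` and an unexpected `Source` as the primary signals and the header check as a shortcut.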