Wednesday, May 2, 2018

Infosec quotes - Windows event logs

Hiding malware payloads inside Windows event logs.

“... Write-EventLog ...  Get-EventLog ... binary data can hold up to 32kb of data, that means we can even store sophisticated large payloads of empire, Meterpreter ...”


https://medium.com/@5yx/windows-event-log-to-the-dark-side-storing-payloads-and-configurations-9c8ad92637f2 
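From the defender's side, the binary data field mentioned in the quote can be triaged in an exported log. The sketch below is an added example, not code from the quoted article: it assumes the log was exported as XML with a root element (for example `wevtutil qe Application /f:xml /e:Events`), and the thresholds, source name and sample events are constructed for illustration.

```python
import math
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; approaches 8.0 for encrypted or compressed data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage_binary_data(xml_text, min_bytes=1024, min_entropy=6.0):
    """Flag events whose <Binary> blob is large and high-entropy, or begins
    with a PE header. Thresholds are assumptions to tune per environment."""
    findings = []
    for ev in ET.fromstring(xml_text).iterfind("e:Event", NS):
        blob_hex = ev.findtext("e:EventData/e:Binary", default="", namespaces=NS)
        reasons = []
        try:
            blob = bytes.fromhex("".join(blob_hex.split()))
        except ValueError:
            blob, reasons = b"", ["malformed-hex"]  # report it, do not skip it
        entropy = shannon_entropy(blob)
        if len(blob) >= min_bytes and entropy >= min_entropy:
            reasons.append("large-high-entropy")
        if blob[:2] == b"MZ":
            reasons.append("pe-header")
        if reasons:
            findings.append({
                "record_id": ev.findtext("e:System/e:EventRecordID", namespaces=NS),
                "source": ev.find("e:System/e:Provider", NS).get("Name"),
                "size": len(blob), "entropy": round(entropy, 2), "reasons": reasons})
    return findings

def _event(record_id, blob):
    # Builds one constructed sample event; "ConstructedApp" is a made-up source.
    binary = f"<Binary>{blob.hex().upper()}</Binary>" if blob is not None else ""
    return (f'<Event xmlns="{NS["e"]}"><System><Provider Name="ConstructedApp"/>'
            f"<EventRecordID>{record_id}</EventRecordID></System>"
            f"<EventData><Data>constructed</Data>{binary}</EventData></Event>")

SAMPLE = "<Events>" + "".join([
    _event(1, None),                  # no binary data at all
    _event(2, b"A" * 4096),           # large but low entropy: not flagged
    _event(3, bytes(range(256)) * 8), # 2048 bytes, uniform byte distribution
    _event(4, b"MZ" + b"\x90" * 62),  # small blob starting with a PE magic
]) + "</Events>"

if __name__ == "__main__":
    for finding in triage_binary_data(SAMPLE):
        print(finding)
```
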
