John, you're an inspiration and got me into the cybersec industry. Don't be ashamed about your code quality; what matters is it works to the required standard. If you wanted or needed to write top-notch code all the time even for a quick solution out in the field, you'd be a programmer.
TLDR: They use glob* wildcards to match the target application they're trying to run instead of calling it outright. The target app in this case would be the schedule task app. This helps with circumventing automatic static analysis.
Hey John, you don't need to apologise or feel embarrassed about your script. It's definitely not perfect and I'm sure given the time you could come up with something better. However you did an amazing job to put this video together and showcase your handy tool, you're giving so much back to the community, don't be so hard on yourself.
This looks really cool. Im a CS major interested in Cybersecurity and after seeing this, I totally want to give that coding problem a try. I can't say how efficient i'd make it, but it looks like something ive never done before and that's how I like it. To be honest it would be a really good project to add to my resume too haha.
im right with you on loving obfuscation. It may seem silly, but its so cool to see the weird and wacky ways people disguise what theyre doing. Thanks for the awesome video :D
Honestly its a lot easier to just make your commands look like typical network traffic. Admin can be gained without touching disk a lot of the time, once you have an admin account a good portion of commands blend into the background. Its more data exfil that requires an advance level of obfuscation.
This is fun... I can completely understand as a researcher why this is exciting despite those "interesting" conversations. Defensive sec people love to downplay the capability of a simple trick until it works everywhere where it supposedly shouldnt. I share the same level of enthusiasm as you for neat tricks like this... 👍👍
Couple things: a) I'm so sorry, but I can't help but see you as the child of Seth Rogen and Ed Sheeran. Lol please forgive me. b) I LOVE this channel. I finished a phd in cs a year ago, but my work is all social simulation stuff, nothing to do with security. I did have to do buffer overflows and reverse engineering assembly just a little bit, but that was only one class. I always wondered about the details of a lot of things we heard about, but there were never any examples. This channel is every worked example I could ever ask for! I know just enough to follow along with what you're doing most times, and watching you work through everything is SO INSTRUCTIVE. I've learned a ton already, and I've been binging your videos for a couple weeks. No plans to stop any time soon; I'm gonna start some CTF challenges myself because of all this. Thanks dude! Keep up the awesome work!
One way to make it faster and more plesant, is to treat each folder separately; no need to do the whole loop again when one part of the path changes; then you can offer choices for each section.
you can use your program that enumerates through all the different wildcard possibilities and instead make them as directories on your system after replacing the question marks with a different character. find which pathways are targeted the most and create these empty directories to the point where explicit pathways are necessary. using wildcards will produce numerous outputs and becomes less practical that calling out specific and explicit pathways.
Well looking at the output of your shortest code: $env:?????????T\ Is always the shortest path that populates: To optimize it you would just have to tell your loops to only check the end parts of the script, as when you performed the full look up, It was also cycling: $env:???????OO?\ which does not need to be checked.
I don't think its a bad idea, because the question is "How many people actually look at the logs like they're suppose to?" I want to start getting into making more projects like you made. The code wasn't perfect but you saw your vision out.
That's the thing, if I see any form of obfuscation (or even use of rare aliases in PowerShell) my suspicion is increased 100 fold. This might help you avoid certain forms of static analysis or string filtering, etc, but if you _do_ see this in the logs, you've probably found something interesting...
If you are from a developing country, 99% of ISP will be dynamic, so you ips are always changing everytime you connect back. Unlike USA, where you are given a static IP by your ISP. Dynamic IP equal safety Pair with a proxy randomizer and proxy shell on your network. You will be untraceable
"It takes a long time, it's not ideal..." So it takes like hours? Yeah I can see that's a long time. "It takes like 30 seconds to a minute" Oh... That's way faster than I expected.
Great subject and great video, as always. Python can be slow ONLY, and ONLY when you have tested with Asyncio / Multiprocessing / CPython. But I think in this case, it can do the trick, because we don't need to wait for a result to create another one.
I was wondering if applications uses this to find paths or is it just a tool in the command line for users? Also if apps uses this. What happens if I create a new folder?
10 go to DOS 20 go to 10 end (endless dos screens open up. If you really want to piss off the scammer just put this into startup. Every time to try to reboot dos continues.)
Would it be quicker to set each directory as its own variable, find all the glob permutations for each variable, then combine them together to get all the total permutations?
If that is the case, would multithreading speed it up any further? Example: target = "C:\dir_1\dir_2\dir_3\file.ext" splitting gives us a list: "C:\dir_1" "C:\dir_1\dir_2" "C:\dir_1\dir_2\dir_3" "C:\dir_1\dir_2\dir_3\file.ext" assign each entry in the list to a thread or core each thread/core runs the permutation finding code only on the last part (output to a file perhaps) then when you want to get a result, it could pick one randomly from each set/group
@@luketurner314 I was thinking something like target = "C:\dir_1\dir_2\dir_3\file.ext" splitting gives us a list: var1 = "C:\dir_1" var2 = "\dir_2" var3 = "\dir_3" var4 = "\file.ext" I'm not up on threaded programming, but it seems like those four variables could be sent to different threads to create all the possible glob patterns. When those threads return, then recombine the four variables to get all possible combinations. Depending on the threads available, that could also be threaded. Set thread 1 at var1 mutable, var2, var3, var4 static. Thread 2 at var2 mutable, var1, var3, var4 static, ... thread n at var1, var2, var3, var4 mutable. However the final string is chosen, it would need to be checked to make sure it doesn't pickup more than one file.
@@liamwhalen If each thread checks for a single match on each iteration of the glob pattern permutation, then you won't need to at the end when combining the partial results. These single match checks shouldn't be computationally expensive since the subdirectories are cached beforehand. That's why I had the list contain full paths that could be checked during the permutation iteration.
@@luketurner314 I defined the problem in another way. If the user is looking for a single string to use, it is probably quicker (in a problem space of say >= 3 directories) to generate all the possible combinations first. Once that is done choosing one from them can be done and checked. A directory search is going to be a system call of some sort even if the information is cached (and the user may not be able to guarantee that a target system has anything cached). As well, once all the combinations are present, then advanced options could be added to qualify how the string is chosen e.g. User wants > 10 single character substitutions and < 5 wildcards, and the filename can have at most 2 characters.
@@liamwhalen Maybe it would be quicker to only check at the end, but IIRC in the video the caching and permutation finding is done on the attacker's machine before the attack even begins
i need help, short said: i have a virus, he gets activated every 3 months. its annoying, i still have the virus on an usb stick to share. if you could look into it, would be nice, thx
I'm wondering if you know any free, online beginner resources to teach people how to code? I watched a video on PyCharm/Python and followed the baby steps, understanding most of the concepts, but the series ended abruptly after simply teaching you how to code a thermometer (maybe there was more somewhere else behind a pay wall, idk..). I really want to try to learn some technical skill and ability with computers to hopefully effect a career change but I can't afford courses etc as too many mouths to feed! And I can't really attend a classroom setting due to having to work ~72hrs a week. At the bottom end of the ladder the salaries in IT fields for unskilled folk is literally half my current salary and I cant take that pay cut. Is there anything you know of that I can do remotely to get the knowledge, even if that comes without accreditation? Sorry for long message..
I got tossed an obfuscated url once without any fancy clones characters.. Not sure exactly how it was done. I recall there's some kind of... Targeting syntax used first. Like some underlying url code that may trigger say Google maps to load the URL right away. But tweaked It said dub dub dub Google cm like it should but definitely took me far from it
09:52 Why would such option even exist? As far as I understood it the "?" wild card character does nothing good to anyone trying to work with the system but makes the life of threat defenders a nightmare as antimalware software might get in trouble finding a malicious code, that is basically just question marks that Windows is going to evaluate to the closest command. Isn't it stupid? Or maybe even downright dangerous practice?
$env:whatever is just a string. You can find the path to calc however you like. e.g. Get-Childitem also allows glob matching, or Join-Path 'C:' 'W*s' 's*m3?' '*lc.*e' -resolve That's not even counting .net and regex. If you want to stop somebody running calc you'll have to deny their permissions on calc. Searching for files is a perfectly legitimate and useful feature of powershell.
Where is your link? I really cannot find it i seriously need your snyk program being 73yrs im not real up on all this development and hackers which by tge wat it is happening to me from August and still!
This seems like the sort of problem computer scientists and leet coders salivate about. If I had to take a guess, it’s something like figure out the minimum amount of changes required to autocomplete your chosen path (Yes I know it’s a super obvious definition) So if you had a trie filled with the characters with all the paths from having a all ? glob. The only location that must have a character is where there are branches that lead away from the result. Something like that, I’m not a leet coder lol I could be wrong, this is more of an answer coming from intuition. This generates one answer but the nice thing is because we know the minimum character locations required to get the chosen result then it becomes very easy to generate all the other potential matches. Just replace the ? that aren’t part of the minimum with characters from the path.
I recently watched: JavaScript Is Weird (EXTREME EDITION) by, Low Byte Productions. Do you ever find anything like this when breaking down some malicious code?
I need help tremendously with all of my tech! I haven't had access to my wifi security in four years, ive called everywhere & get nowhere. I have multiple administrators & groups on both of me laptops & limited $$$ due to trying to buy new devices. There's sooooo much more at hand here, that's just me naming a few. I have basically no control over my own tech within my whole life & it's sad & limiting in my life.
this would be awesome if you could use some of that * wildcard action on my Junk Mail Block list. Been trying to get wildcards working for junk mail filtering forever.
I remember you talking a out IEX alternatives in a past video. I wonder if there's a good way to further obfuscate this (or get this to function in an environment that is less friendly toward IEX)
Why not getting a few short version from every step/directory for the specified path, save them and join them together for a variety of version to chose from. So first check, what's the best way for env, then system32,... And at the end join some versions together for printing a variety to choose from :) Sorry for my bad explanation but I'm not English and can't code :D but thought this make it alot easier to process. Thanks for the video tho, very inspiring :)
Basically, this is just another way to obfuscate a string constant? Or well, to obfuscate certain file paths. Does it have any advantage over, for example, storing the encrypted/encoded file path with the key and then decrypting/decoding it?
Hey John, I need your help please, I have qualified to do software engineering in the next two weeks time but my biggest problem I don't know how to do coding.kindly help
an actual way they hide is putting null byte character im beginning of key names of registry causing an item not to show in the gui. a badass would use dinvoke
i think this is a waste tbh because you would have to know a lot of specific info about a system. random things might accidentally be run instead or it might not working depending on which version or framework they have installed. dinvoke and c# would be better to bypass antivirus. they wouldnt flag the keys or env vars anyway. unless it relates to like a super common bypass or wtv like the windir key in environment of hkcu
Well, it leads us to even more funny idea. What about writing a tool, which will analyze the content of a filesystem and derive the minimal set of fake folder names, that should be created to let all such globes fail? It should be the simplest but effective protection against this kind of obfuscation 🤣
Did you just pronounce meme, me-me? It's pronounced MEEM. Don't act like someone wasn't going to notice that. Also, soft G on GIF like give or going. I do love that you keep the mistakes you make up. Helps to know that no one is perfect and I know you could edit that out, but it's fun to see what common typing errors people have in their head.
John, you're an inspiration and got me into the cybersec industry. Don't be ashamed about your code quality; what matters is it works to the required standard. If you wanted or needed to write top-notch code all the time even for a quick solution out in the field, you'd be a programmer.
TLDR: They use glob* wildcards to match the target application they're trying to run instead of calling it outright. The target app in this case would be the schedule task app. This helps with circumventing automatic static analysis.
These are not regex, glob patterns, but yeah
not regex please correct
*TLDW
Hey John, you don't need to apologise or feel embarrassed about your script. It's definitely not perfect and I'm sure given the time you could come up with something better. However you did an amazing job to put this video together and showcase your handy tool, you're giving so much back to the community, don't be so hard on yourself.
This.
This looks really cool. Im a CS major interested in Cybersecurity and after seeing this, I totally want to give that coding problem a try. I can't say how efficient i'd make it, but it looks like something ive never done before and that's how I like it. To be honest it would be a really good project to add to my resume too haha.
im right with you on loving obfuscation. It may seem silly, but its so cool to see the weird and wacky ways people disguise what theyre doing. Thanks for the awesome video :D
John: I'm embarrassed about my code.
*The code is actually better than 99% of my codes*
This is awesome, and never hesitate to show code, because (most of us) aren't even near you level! Thanks for this John!
Honestly its a lot easier to just make your commands look like typical network traffic. Admin can be gained without touching disk a lot of the time, once you have an admin account a good portion of commands blend into the background. Its more data exfil that requires an advance level of obfuscation.
This is fun... I can completely understand as a researcher why this is exciting despite those "interesting" conversations. Defensive sec people love to downplay the capability of a simple trick until it works everywhere where it supposedly shouldnt. I share the same level of enthusiasm as you for neat tricks like this... 👍👍
Couple things:
a) I'm so sorry, but I can't help but see you as the child of Seth Rogen and Ed Sheeran. Lol please forgive me.
b) I LOVE this channel. I finished a phd in cs a year ago, but my work is all social simulation stuff, nothing to do with security. I did have to do buffer overflows and reverse engineering assembly just a little bit, but that was only one class. I always wondered about the details of a lot of things we heard about, but there were never any examples. This channel is every worked example I could ever ask for!
I know just enough to follow along with what you're doing most times, and watching you work through everything is SO INSTRUCTIVE. I've learned a ton already, and I've been binging your videos for a couple weeks. No plans to stop any time soon; I'm gonna start some CTF challenges myself because of all this.
Thanks dude! Keep up the awesome work!
One way to make it faster and more plesant, is to treat each folder separately; no need to do the whole loop again when one part of the path changes; then you can offer choices for each section.
you can use your program that enumerates through all the different wildcard possibilities and instead make them as directories on your system after replacing the question marks with a different character.
find which pathways are targeted the most and create these empty directories to the point where explicit pathways are necessary.
using wildcards will produce numerous outputs and becomes less practical that calling out specific and explicit pathways.
I learnt this technique from you. Thank you sir for this video. ❤
dont listen to people ur the best my brother we love u. :)
don't scold yourself, Ricky, this was fun and educational to watch. Thanks for sharing cool stuff
Well looking at the output of your shortest code:
$env:?????????T\
Is always the shortest path that populates:
To optimize it you would just have to tell your loops to only check the end parts of the script, as when you performed the full look up, It was also cycling:
$env:???????OO?\
which does not need to be checked.
this is quite neat, thanks for the update John
I don't think its a bad idea, because the question is "How many people actually look at the logs like they're suppose to?" I want to start getting into making more projects like you made. The code wasn't perfect but you saw your vision out.
That's the thing, if I see any form of obfuscation (or even use of rare aliases in PowerShell) my suspicion is increased 100 fold. This might help you avoid certain forms of static analysis or string filtering, etc, but if you _do_ see this in the logs, you've probably found something interesting...
supposed*
it's*
If you are from a developing country, 99% of ISP will be dynamic, so you ips are always changing everytime you connect back. Unlike USA, where you are given a static IP by your ISP.
Dynamic IP equal safety
Pair with a proxy randomizer and proxy shell on your network.
You will be untraceable
Whenever I hear John’s voice I get really relaxed! So I will keep advocating for his asmr :D
How Reloaded, Razor1911, Fitgirl etc etc can "hide" for so long time ?
Thanks for the tutorial, I'll try it out
wow that is pretty awesome. thanks for everything your doing!
"It takes a long time, it's not ideal..."
So it takes like hours? Yeah I can see that's a long time.
"It takes like 30 seconds to a minute"
Oh... That's way faster than I expected.
@John your code is beautiful on the inside ❤
Very interesting! Thank you!
John, ] you're awesome, Mark. Inspiring. Keep up the great work
Great subject and great video, as always. Python can be slow ONLY, and ONLY when you have tested with Asyncio / Multiprocessing / CPython. But I think in this case, it can do the trick, because we don't need to wait for a result to create another one.
I was wondering if applications uses this to find paths or is it just a tool in the command line for users? Also if apps uses this. What happens if I create a new folder?
10 go to DOS
20 go to 10
end
(endless dos screens open up. If you really want to piss off the scammer just put this into startup. Every time to try to reboot dos continues.)
This is what I’ve been what for. Yaaaaassssss im so happy 😁
@Johnhammond please do part 2
Would it be quicker to set each directory as its own variable, find all the glob permutations for each variable, then combine them together to get all the total permutations?
If that is the case, would multithreading speed it up any further? Example:
target = "C:\dir_1\dir_2\dir_3\file.ext"
splitting gives us a list:
"C:\dir_1"
"C:\dir_1\dir_2"
"C:\dir_1\dir_2\dir_3"
"C:\dir_1\dir_2\dir_3\file.ext"
assign each entry in the list to a thread or core
each thread/core runs the permutation finding code only on the last part (output to a file perhaps)
then when you want to get a result, it could pick one randomly from each set/group
@@luketurner314 I was thinking something like
target = "C:\dir_1\dir_2\dir_3\file.ext"
splitting gives us a list:
var1 = "C:\dir_1"
var2 = "\dir_2"
var3 = "\dir_3"
var4 = "\file.ext"
I'm not up on threaded programming, but it seems like those four variables could be sent to different threads to create all the possible glob patterns. When those threads return, then recombine the four variables to get all possible combinations. Depending on the threads available, that could also be threaded. Set thread 1 at var1 mutable, var2, var3, var4 static. Thread 2 at var2 mutable, var1, var3, var4 static, ... thread n at var1, var2, var3, var4 mutable.
However the final string is chosen, it would need to be checked to make sure it doesn't pickup more than one file.
@@liamwhalen If each thread checks for a single match on each iteration of the glob pattern permutation, then you won't need to at the end when combining the partial results. These single match checks shouldn't be computationally expensive since the subdirectories are cached beforehand. That's why I had the list contain full paths that could be checked during the permutation iteration.
@@luketurner314 I defined the problem in another way. If the user is looking for a single string to use, it is probably quicker (in a problem space of say >= 3 directories) to generate all the possible combinations first. Once that is done choosing one from them can be done and checked. A directory search is going to be a system call of some sort even if the information is cached (and the user may not be able to guarantee that a target system has anything cached). As well, once all the combinations are present, then advanced options could be added to qualify how the string is chosen e.g. User wants > 10 single character substitutions and < 5 wildcards, and the filename can have at most 2 characters.
@@liamwhalen Maybe it would be quicker to only check at the end, but IIRC in the video the caching and permutation finding is done on the attacker's machine before the attack even begins
What can I do for generating in the Calcutta
14:58 This reminds me of Matt Parker's code to find five five-letter words that have no letters in common...
How is malware signed with a ceritficate? How do they bypass Windows Defender Smartscreen?
Certificates get stolen all the time. Nvidia had a couple stolen earlier this year.
i need help,
short said:
i have a virus,
he gets activated every 3 months.
its annoying,
i still have the virus on an usb stick to share.
if you could look into it,
would be nice,
thx
why has this guy such a problem with bots?
The wildcard syntax looks a lot like what was happening in the powershell reverse engineering video you encountered previous
I love Snyk. We use it at my work.
Is there a powershell command to detect when someone is using these?
I'm wondering if you know any free, online beginner resources to teach people how to code? I watched a video on PyCharm/Python and followed the baby steps, understanding most of the concepts, but the series ended abruptly after simply teaching you how to code a thermometer (maybe there was more somewhere else behind a pay wall, idk..). I really want to try to learn some technical skill and ability with computers to hopefully effect a career change but I can't afford courses etc as too many mouths to feed! And I can't really attend a classroom setting due to having to work ~72hrs a week. At the bottom end of the ladder the salaries in IT fields for unskilled folk is literally half my current salary and I cant take that pay cut. Is there anything you know of that I can do remotely to get the knowledge, even if that comes without accreditation? Sorry for long message..
I got tossed an obfuscated url once without any fancy clones characters..
Not sure exactly how it was done.
I recall there's some kind of... Targeting syntax used first.
Like some underlying url code that may trigger say Google maps to load the URL right away.
But tweaked
It said dub dub dub Google cm like it should but definitely took me far from it
love your code john !
wow, news from a few decades ago. really impressive, clap, clap, clap ...
Hey man, It works great and without any problems.
09:52 Why would such option even exist? As far as I understood it the "?" wild card character does nothing good to anyone trying to work with the system but makes the life of threat defenders a nightmare as antimalware software might get in trouble finding a malicious code, that is basically just question marks that Windows is going to evaluate to the closest command. Isn't it stupid? Or maybe even downright dangerous practice?
$env:whatever is just a string.
You can find the path to calc however you like.
e.g. Get-Childitem also allows glob matching, or Join-Path 'C:' 'W*s' 's*m3?' '*lc.*e' -resolve
That's not even counting .net and regex.
If you want to stop somebody running calc you'll have to deny their permissions on calc.
Searching for files is a perfectly legitimate and useful feature of powershell.
Defender wants to know your location 😂
Where is your link? I really cannot find it i seriously need your snyk program being 73yrs im not real up on all this development and hackers which by tge wat it is happening to me from August and still!
This script would be a good opportunity to implement some "dynamic programming" tricks such as memoization. Might help speed it up.
Awesome vid John
"Ferb i know what are we gonna do today!"
This seems like the sort of problem computer scientists and leet coders salivate about.
If I had to take a guess, it’s something like figure out the minimum amount of changes required to autocomplete your chosen path (Yes I know it’s a super obvious definition)
So if you had a trie filled with the characters with all the paths from having a all ? glob. The only location that must have a character is where there are branches that lead away from the result.
Something like that, I’m not a leet coder lol I could be wrong, this is more of an answer coming from intuition.
This generates one answer but the nice thing is because we know the minimum character locations required to get the chosen result then it becomes very easy to generate all the other potential matches. Just replace the ? that aren’t part of the minimum with characters from the path.
I recently watched: JavaScript Is Weird (EXTREME EDITION) by, Low Byte Productions. Do you ever find anything like this when breaking down some malicious code?
I've done secure code reviews where the developers have inadvertently done "weird things" which meant doing the review is harder.
Wow, dude, great job 👍💬🔥
Thanks, more videos on how to find the hack or attack... and destroy them!
what is the final benefit for all of that ?
Obfuscation is a deprecated practice. If you still use this method, you deserve the part van.
It's like cybersecurity wordle
I need help tremendously with all of my tech! I haven't had access to my wifi security in four years, ive called everywhere & get nowhere. I have multiple administrators & groups on both of me laptops & limited $$$ due to trying to buy new devices. There's sooooo much more at hand here, that's just me naming a few. I have basically no control over my own tech within my whole life & it's sad & limiting in my life.
Good afternoon
When I type htop I see
PID# and USER- rtkit
What does this mean???
Love your videos 🖤
I knew these hackers. There are musical effects.
i love u so much bro, thanks very much
this would be awesome if you could use some of that * wildcard action on my Junk Mail Block list. Been trying to get wildcards working for junk mail filtering forever.
awesome jhon
Video suggestion!
Do the Hacktheboo ctf's - would love to see em
I remember you talking a out IEX alternatives in a past video. I wonder if there's a good way to further obfuscate this (or get this to function in an environment that is less friendly toward IEX)
Neat idea. Is the source code in github or the like?
17:25 play with it in C? :D
I would be interested to see how fast the script ran on the version of PY used here and the new 3.11 you posted a video about.
Exactly. Python 3.11 is supposed to be about 20% faster in most tasks generally. It's worth checking...
can we obsfucate "-ep bypass" ??
@@thedosiusdreamtwister1546 so it should bypass and run the "powershell -ep bypass" command right ?
Why not getting a few short version from every step/directory for the specified path, save them and join them together for a variety of version to chose from.
So first check, what's the best way for env, then system32,...
And at the end join some versions together for printing a variety to choose from :)
Sorry for my bad explanation but I'm not English and can't code :D but thought this make it alot easier to process.
Thanks for the video tho, very inspiring :)
you should rewrite it in c++! its so fast 👍
i assume a hacky way of protecting against this would be to create decoy dirs that satisfy the wildcards, like C:\Windows\System31...
Whats the idea of having a file extension .pdf.lnk rather than just a pdf?
Your worst Python is better than my best.
It can't get anymore simple than this. Thank you soo much howtobasic!
Wtf, stop apologizing for your code! Trust me, mine is worse...
Basically, this is just another way to obfuscate a string constant? Or well, to obfuscate certain file paths.
Does it have any advantage over, for example, storing the encrypted/encoded file path with the key and then decrypting/decoding it?
Yeah lots of antimalware will catch it on decryption this is kinda more hiding in plain sight
Hey John, I need your help please, I have qualified to do software engineering in the next two weeks time but my biggest problem I don't know how to do coding.kindly help
an actual way they hide is putting null byte character im beginning of key names of registry causing an item not to show in the gui. a badass would use dinvoke
i think this is a waste tbh because you would have to know a lot of specific info about a system. random things might accidentally be run instead or it might not working depending on which version or framework they have installed. dinvoke and c# would be better to bypass antivirus. they wouldnt flag the keys or env vars anyway. unless it relates to like a super common bypass or wtv like the windir key in environment of hkcu
Well, it leads us to even more funny idea. What about writing a tool, which will analyze the content of a filesystem and derive the minimal set of fake folder names, that should be created to let all such globes fail? It should be the simplest but effective protection against this kind of obfuscation 🤣
Lookin' slim.
Sir plz made a video in bug bounty 🥺
This is so cool!
can you tell what is the best CTF for people that are complete ignorant about hacking like me? lol
lemme be your stundent sensei!
someone knows if theres a script for linux escape?
You have the "if main==name" thing, so your python code is already better than most of mine.
"AT" for the WIN, not listed still there.
Full file explain How to time.
Did you just pronounce meme, me-me? It's pronounced MEEM. Don't act like someone wasn't going to notice that. Also, soft G on GIF like give or going.
I do love that you keep the mistakes you make up. Helps to know that no one is perfect and I know you could edit that out, but it's fun to see what common typing errors people have in their head.
It's creator says it should be pronounced as Jiff...😄 But everyone says Giff !! Apparently it really bugs him. 😆
Real hackers won't use Microcrap Winblows
Interesting
Why don't you try rewrite it in rust..
Give me source code of envy John!
Did you just say “me me”?!?!
I like the content in your videos, but please buy a pop filter!
true i tried.