so.cl

This post focuses on improving Module Stomping and Module Overloading, part of the PE injection techinques, that have been chosen as candidates because they avoid the creation of dynamic memory allocation and perform a common operation (LoadLibrary) that is the cornerstone of the technique. Improving the stealthiness of memory injections techniques

The reports of my death are greatly exaggerated.

I’m tired of this fake nonsense, of being told what to think, of people who cite consensus when no such consensus exists, of people who lie, distort, and betray. I’m tired of people who have neither any sense nor decency, and who so often arrogantly expect others to reason without sense or decency as they do.

That being said, see you in a week.

This website presents TunnelCrack, a combination of two widespread security vulnerabilities in VPNs. Although a VPN is supposed to protect all data that a user transmits, our attacks can bypass the protection of a VPN. For instance, an adversary can abuse our vulnerabilities to leak and read user traffic, steal user information, or attack user devices. Our tests indicate that every VPN product is vulnerable on at least one device. We found that VPNs for iPhones, iPads, MacBooks, and macOS are extremely likely to be vulnerable, that a majority of VPNs on Windows and Linux are vulnerable, and that Android is the most secure with roughly one-quarter of VPN apps being vulnerable. TunnelCrack: Widespread design flaws in VPN clients

Since today was the #rants day, let’s do one more: the new “cracking” group calling themselves SKIDROW (keep in mind there is absolutely no link between the old SKIDROW and the new SHITROW except the font) exposes some private (they think it’s private, except it’s fake, Voksi is not Empress) information about Empress while bitching that “DRM protects legitimate interest of hardworking people”. Imagine that, ladies and gentlemen. This has to be a really new cracker “person” (I have my doubts that it’s a real person) that’s been writing those .nfo files while on actual crack. Now, who would do such a thing as throwing shit at a wall and see what sticks? I do wonder.

The scene died a while ago, don’t let the shitty remains fool you, installing something “cracked” by SHITROW would be a really reckless thing to do.

And how I know Voksi is not Empress? It’s simple, I’m Voksi*. It’s easy making claims, isn’t it? One more reveal, I’m Taylor Swift too.

*no, I’m not Voksi, but I am Taylor Swift.

If your website tagline is “I get the job done!”, you’re a hooker.

Modern travel is an inauthentic experience that accounts for nothing except an opportunity for bourgeois fuckwits to humblebrag on Instagram about their trip to Bali or something.

Psion Netbook Pro, 2003

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers. NtDoc

High-quality browsable tables of system calls implemented by the Linux kernel on various architectures and ABIs. Linux kernel syscall tables

The history of the United States is like watching a derailed train crash and burn in slow motion over centuries. And that’s a problem because if you live in a Western country, you are a colony of the US, whether you like it or not. Because of this, whatever happens in the US is unavoidably going to effect its colonies as well. Politically, culturally, economically, Europe has become completely inseparable from the US.

Slides from BlackHat USA 2023. source

As of writing, this allows you to spoof emails from any of the +2 Million domains using MailChannels. It also gives you a slightly higher chance of landing a spoofed emails from any domain that doesn’t have an SPF & DMARC due to ARC adoption.

It was released at the Defcon 31 talk SpamChannel: Spoofing Emails From 2 Million+ Domains and Virtually Becoming Satan.

Life is but a blink of the eye of consciousness, only the delusional suffer from main-character syndrome.

Being around an unintelligent human is hell.

NEC MobilePro 900c, 2004

A salary is the gamification of slavery.