APC注入自身进程来进行权限维持
利用module stomb去加载shellcode,然后将shellcode地址插入到APC队列去执行。
blog:https://d3sh1n.github.io/2022/01/06/APC-%E6%B3%A8%E5%85%A5%EF%BC%88%E4%B8%80%EF%BC%89/
PS:若用本人项目去进行:HW演练/红蓝对抗/APT/黑产/恶意行为/违法行为/割韭菜,等行为,本人概不负责,也与本人无关
-
Notifications
You must be signed in to change notification settings - Fork 1
d3sh1n/APC-inject
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
APC注入自身进程来进行权限维持
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published