Linux Backdoor Deep Dive (Part 2)

In this [RE]laxing new series, I fully reverse a Linux Backdoor (BPFDoor) from start to finish. In Part 2, we fix and label strings related to setting up socket connections, and even manage to find some IPTables shell commands!
These extensive "Deep Dive" segments concentrate on dissecting malware specimens and delving into the individual approaches employed to fully reverse them. Throughout the journey, I attempt to provide explanations of my techniques as much as possible; however, if any ambiguities arise, please feel free to post a comment below.
---
Timestamps:
00:00 Intro
00:50 Begin Ghidra Analysis
01:40 Socket Connections
04:15 htons
06:21 setsockopt
07:23 recvfrom
10:09 Forking
14:38 Swapping Values
16:20 inet_ntoa
18:26 justtryit
21:00 Working through the function
23:28 Fixing Incorrectly Typed Arrays
25:30 Setting IP Tables
27:03 Recap
---
Software Links Mentioned in Video:
---
Malware Examined in the video (BPFDoor):
sha256:fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a
MalwareBazaar Link:
---
laurieWIRED Twitter:
laurieWIRED Website:
laurieWIRED Github:
laurieWIRED HN:
laurieWIRED Reddit: