hi Dave, long time fan. first time feedbacker, well: On 9/19/14, Dave Aitel <[email protected]> wrote: > ... > Everyone is sick of the Kaspersky guys doing three hundred page PDFs > with a long listing of which versions of some trojan they found were > installed when, and what features each trojan had, and what possible > code reuse there was. And of course, if there's an 0day in some random > trojan, everyone likes to rip that out and spend years pontificating > about it.
no doubt. i prefer my salty rants Aitel stylez! all of us in the game have lineage to a tee... but i digress, > But even if I'm not using 0day, I often want to protect my escalation of > privilege attacks from the defenders. I don't want them able to track my > code versions, and I don't want them knowing the details of my > exploitation methods so they can add more features to EMET or KAV. yeah, fuck those guys trying to make my shit fuck them less! > That's why INNUENDO allows you to put a password in that protects as > much of your implant deployment package as possible. i asked a friend, Volatility, and they said "please to re state in terms of cryptographic digest for code version and instruction sequence in terms of exploitation method." because every consideration they pose evaluates to a "as much as possible" equivalent to zero. there was agreement from VM recording and bus lane recording, as well. best regards, _______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
