Category: Uncategorized

  • Keylogger in Android

    I was quite surprised when I learned several years ago that on both Linux and Windows operating systems, a not-so-privileged user (that is to say a non-root user on Linux and a non-Admin user on Windows) can use a keylogger by setting hooks. Several techniques exist to do so (on Windows, the function SetWindowsHookEx can…

  • What’s wrong with X11 forwarding?

    I’ve read in several places (such as https://cyber.gouv.fr/sites/default/files/2014/01/NT_OpenSSH.pdf) that X11 forwarding is bad (well, it’s not what is written, but it’s what I remembered the first time I read it). I initially thought it was a common-sense recommendation intended to reduce the attack surface, but I was wrong, and it turns out that a…

  • How do the SSH client and server handle port forwarding?

    In the previous article, we saw how an application can use a SOCKS client (such as proxychains) to contact a SOCKS server (the SSH client), allowing it to reach an address that cannot be contacted directly. Here we will see: Which source? We get the portable version of OpenSSH from GitHub: git clone https://github.com/openssh/openssh-portable.git…

  • SOCKS server and proxychains

    What we want In addition to allowing you to connect to a remote machine, SSH offers several ways to forward TCP ports, which can be very useful for a terminal A to access a server C it cannot reach directly, provided that it can reach an SSH server that can both speak to A…

  • 2 or 3 things about OpenVPN

    Created in 2001, OpenVPN is a widely used open-source VPN protocol, and many VPN providers (such as those who sponsor YouTubers!) use it in their VPN clients. The internals of this protocol were relatively obscure to me, so I decided to have a closer look at it. For this, I had a look at…

  • Reverse engineering of Wirenet malware

    Like many people who wish to level up in reverse engineering, I recently attempted to reverse a malware sample. I therefore cloned theZoo (https://github.com/ytisf/theZoo) and started analyzing a randomly chosen sample. This sample turned out to be a Wirenet sample. Wirenet, which is a malware targeting Linux and macOS, was discovered around 2013 and has already been…