
WinApi learning

I recommend ya first to choose an area. For example making a credential dumper or banking trojan or ransomware or c2 implant - u need to choose and be kinda more focused, cus the topic is very complicated and not simple at all. After u choose it send msg or post it here
i choose ransomware...cz it's the most thing that u'll get knowledge about...especially about cryptography....and security of data...and a lot of things...and about c2 implant i guess it's about RATs like craxsrat...this is it? right? this is something really powerful...i don't know what i need to choose
 
Please note that this user is banned
read it if u haven't read it already -

maybe useful

100% useful:

for encryption: learn the source code of stream ciphers like salsa20 or chacha20 - u will need to implement some of them 100%
for c2 implant or rat or beacon: take a look at the Havoc src on github, and read it: https://github.com/mai1zhi2/SharpBeacon

also: https://bbs.kanxue.com/thread-269115.htm

ps: bbs.kanxue.com - has a great Chinese community, topics about reverse engineering and OS internals, need to use a translator tho (be careful, any illegal activity is not allowed there - use xss.pro \ exploit.in for that)

good luck.
 
thank you so much for these resources
but can i ask you a question? isn't it very hard for a beginner? is this what i need as a beginner and can i get it easily? do you recommend me something else?
 
like how can i learn about this if i don't have any knowledge of the windows library..and that's what i'm searching for
 
> isn't it very hard for a beginner?
cocomelonc blog posts, I think, are for beginners - in a real world environment without modifications that trick doesn't work. U can play with it and get more understanding about the topic and go ahead.
> do you recommend me something else?
Nah. U can start working on hard things from the start. This way will be faster than making easy-to-code pocs. Try to understand complicated things and don't worry if u can understand them fast. Sometimes u need to spend weeks on researching the code of some tool - but it's worth it
 
> if i don't have any knowledge of the windows library.
U will find the answers in documentation, on the forum here, on github and other places. Also u can send questions to some members here or on other forums
 
ok thank you so much...^_^ so basically i'll try to look at the cocomelonc blog and try to understand those posts... if i can't i'll try to find another way... simply to be honest... the thing that i found hard is the type value of windows libraries... and that code of payloads... like what's that code in hex? for example this one:

C++:
 unsigned char data[] = {
    0xfc, 0x48, 0x81, 0xe4, 0xf0, 0xff, 0xff, 0xff, 0xe8, 0xd0, 0x0, 0x0,
    0x0, 0x41, 0x51, 0x41, 0x50, 0x52, 0x51, 0x56, 0x48, 0x31, 0xd2, 0x65,
    0x48, 0x8b, 0x52, 0x60, 0x3e, 0x48, 0x8b, 0x52, 0x18, 0x3e, 0x48, 0x8b,
    0x52, 0x20, 0x3e, 0x48, 0x8b, 0x72, 0x50, 0x3e, 0x48, 0xf, 0xb7, 0x4a,
    0x4a, 0x4d, 0x31, 0xc9, 0x48, 0x31, 0xc0, 0xac, 0x3c, 0x61, 0x7c, 0x2,
    0x2c, 0x20, 0x41, 0xc1, 0xc9, 0xd, 0x41, 0x1, 0xc1, 0xe2, 0xed, 0x52,
    0x41, 0x51, 0x3e, 0x48, 0x8b, 0x52, 0x20, 0x3e, 0x8b, 0x42, 0x3c, 0x48,
    0x1, 0xd0, 0x3e, 0x8b, 0x80, 0x88, 0x0, 0x0, 0x0, 0x48, 0x85, 0xc0,
    0x74, 0x6f, 0x48, 0x1, 0xd0, 0x50, 0x3e, 0x8b, 0x48, 0x18, 0x3e, 0x44,
    0x8b, 0x40, 0x20, 0x49, 0x1, 0xd0, 0xe3, 0x5c, 0x48, 0xff, 0xc9, 0x3e,
    0x41, 0x8b, 0x34, 0x88, 0x48, 0x1, 0xd6, 0x4d, 0x31, 0xc9, 0x48, 0x31,
    0xc0, 0xac, 0x41, 0xc1, 0xc9, 0xd, 0x41, 0x1, 0xc1, 0x38, 0xe0, 0x75,
    0xf1, 0x3e, 0x4c, 0x3, 0x4c, 0x24, 0x8, 0x45, 0x39, 0xd1, 0x75, 0xd6,
    0x58, 0x3e, 0x44, 0x8b, 0x40, 0x24, 0x49, 0x1, 0xd0, 0x66, 0x3e, 0x41,
    0x8b, 0xc, 0x48, 0x3e, 0x44, 0x8b, 0x40, 0x1c, 0x49, 0x1, 0xd0, 0x3e,
    0x41, 0x8b, 0x4, 0x88, 0x48, 0x1, 0xd0, 0x41, 0x58, 0x41, 0x58, 0x5e,
    0x59, 0x5a, 0x41, 0x58, 0x41, 0x59, 0x41, 0x5a, 0x48, 0x83, 0xec, 0x20,
    0x41, 0x52, 0xff, 0xe0, 0x58, 0x41, 0x59, 0x5a, 0x3e, 0x48, 0x8b, 0x12,
    0xe9, 0x49, 0xff, 0xff, 0xff, 0x5d, 0x49, 0xc7, 0xc1, 0x0, 0x0, 0x0,
    0x0, 0x3e, 0x48, 0x8d, 0x95, 0xfe, 0x0, 0x0, 0x0, 0x3e, 0x4c, 0x8d,
    0x85, 0x9, 0x1, 0x0, 0x0, 0x48, 0x31, 0xc9, 0x41, 0xba, 0x45, 0x83,
    0x56, 0x7, 0xff, 0xd5, 0x48, 0x31, 0xc9, 0x41, 0xba, 0xf0, 0xb5, 0xa2,
    0x56, 0xff, 0xd5, 0x4d, 0x65, 0x6f, 0x77, 0x2d, 0x6d, 0x65, 0x6f, 0x77,
    0x21, 0x0, 0x3d, 0x5e, 0x2e, 0x2e, 0x5e, 0x3d, 0x0
};

like what is this and what should we do with it? does it affect something in memory? how? i know about char and unsigned but that array of hex codes doesn't make sense to me '-', and about memory buffer, new buffer as executable, and run that payload...how can i learn about this?
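
A static way to look at an array like the one in the post above without running it, as an added example that is not part of the thread: it pulls out printable strings and flags byte idioms typical of x64 position-independent code. `SAMPLE` is a constructed excerpt made of fragments from that array, and the `IDIOMS` set and all function names are this example's own.

```python
import re

# Constructed sample: non-contiguous fragments copied from the array in the
# post above, separated by 0x90 filler. It is not a working payload.
SAMPLE = bytes.fromhex(
    "fc4881e4f0ffffff"        # first 8 bytes of the array
    "90909090"
    "4831d265488b5260"        # xor rdx,rdx ; mov rdx,gs:[rdx+0x60]
    "90909090"
    "41c1c90d4101c1"          # ror r9d,0xd ; add r9d,eax
    "90909090"
    "4d656f772d6d656f772100"  # "Meow-meow!\0"
    "3d5e2e2e5e3d00"          # "=^..^=\0"
)

# Byte idioms common in x64 position-independent code (illustrative set).
IDIOMS = {
    "cld; and rsp,-16 (stack alignment prologue)": "fc4881e4f0ffffff",
    "mov rdx,gs:[rdx+0x60] (reads the PEB pointer)": "65488b5260",
    "ror r9d,0xd (ROR-13 export-name hashing)": "41c1c90d",
}

def ascii_strings(blob, min_len=4):
    """Return (offset, text) for each printable-ASCII run of min_len or more."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [(m.start(), m.group().decode("ascii"))
            for m in re.finditer(pattern, blob)]

def find_idioms(blob):
    """Return {description: [offsets]} for each idiom found in blob."""
    hits = {}
    for name, hexsig in IDIOMS.items():
        sig = re.escape(bytes.fromhex(hexsig))
        offsets = [m.start() for m in re.finditer(sig, blob)]
        if offsets:
            hits[name] = offsets
    return hits

def triage(blob):
    """Summarise a byte blob statically; nothing in it is executed."""
    return {"size": len(blob),
            "strings": ascii_strings(blob),
            "idioms": find_idioms(blob)}

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(key, value)
```

The same three checks over the full array from the post report the two trailing strings and the PEB and hashing idioms, which is enough to classify it as machine code rather than data.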
 
> how can i learn about this?
get code like that, compile and link it into an exe\dll or elf and force it to work, attach the debugger to the process and u will see a beautiful new world.
best way to learn anything - it's to break\disassemble\decompile something or build\develop\compile something and see the result. My english is not very good, but I think u can understand it
 
okay thank you so much ^_^ i really appreciate your help...good luck to you
 

