<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<b>INNUENDO Coding and Auto-Injection Demonstration</b>: <a
href="https://vimeo.com/127492458">https://vimeo.com/127492458</a><br>
<br>
This is the longest video we have released in some time, clocking in
at twenty minutes. But after that twenty minutes you'll see just how
easy it is to build new functionality into INNUENDO, and you'll see
a model for what I like to think is pretty amazing method of getting
back to a C2 in a real-world corporate network. Everything in that
demo is Real-Time. Nothing is faked. It's amazing how little code it
takes to make sure a big feature.<br>
<br>
One thing I find is key about the Windows ecosystem is that each
Windows machine has to be treated as a "network" within the machine,
considering that your view of that machine is so dependent of which
user you are executing as. Modern HIDS makes this even more true:
You may be unable to access the Internet from one process, but able
to access it from another. This is one of the hardest things for OS
X users to understand about Windows hacking. Windows Tokens really
don't exist in any other paradigm and are hard for even hackers to
wrap their heads around.<br>
<br>
-dave<br>
Ref:<br>
[1]
<a class="moz-txt-link-freetext" href="http://www.blackhat.com/presentations/bh-europe-04/bh-eu-04-detoisien/bh-eu-04-detoisien-up.pdf">http://www.blackhat.com/presentations/bh-europe-04/bh-eu-04-detoisien/bh-eu-04-detoisien-up.pdf</a><br>
<br>
</body>
</html>