DeepSec 2023 Talk: Introducing CS2BR – Teaching Badgers New Tricks – Moritz Thomas & Patrick Eisenschmidt
Staying under the radar and remaining undetected is one of our priorities during Red Teaming assessments. After all, we’re simulating real threat actors and want to reach our object
https://blog.deepsec.net/deepsec-2023-talk-introducing-cs2br-teaching-badgers-new-tricks-moritz-thomas-patrick-eisenschmidt/
#Conference #BOFs #C2Frameworks #COFF #CS2BR #DeepSec2023 #RedTeaming #Talk
DeepSec 2023 features a presentation with new tricks for red teams. Attend and learn how to improve your testing methods.

@hoernchen72 #coff ? I haven't seen that in the wild for decades. Hm, that must have been on #Ultrix/#MIPS back then. #Parix for #Transputer used it too.

Http://de.wikipedia.org/wiki/COFF

A VSCode devcontainer for development of COFF files with batteries included: https://github.com/EspressoCake/BOF_Development_Docker

#visualstudiocode #bof #coff

A coffee with Massimiliano Trolese
The coffee you wouldn't expect, #CoffeeOfTheDay @ April 24, 2023 at 12:00AM
https://www.cafexperiment.com/2023/04/24/il-caffe-che-non-ti-aspetti/ #cafexperiment

Be #pictoftheday: tag us and join the experiment!
#coffeelover #teamcoffee #coffee #dailycoffee #acoffeeaday #CaféDuJour #coff

A coffee with Stefano Paganini
Cafè Gourmand @ Artigiano in Fiera 2022, #CoffeeOfTheDay @ December 06, 2022
https://www.cafexperiment.com/2022/12/06/cafe-gourmand-artigiano-in-fiera-2022/ #cafexperiment

Be #pictoftheday: tag us and join the experiment!
#coffeelover #teamcoffee #coffee #dailycoffee #acoffeeaday #CaféDuJour #coff

I can now generate Windows #COFF object files containing .rsrc sections “by hand” again, but this time I know a little more about what I’m doing so it’s not just a sequence of bytes to write. Time to prepare the package for release after sleep.

#programming

It looks like the only fixed parts of a COFF object file are the file header and section table right at the start, so it's fairly easy to stream it to disk or an in-memory buffer as long as you know how many sections there will be, and as long as it's possible to rewind the file to update the headers.

The examples that I have put relocations right after the section, and symbols at the end of the file, but that seems convenient, not necessary.

#windows #coff #programming
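The layout described in the post above, as an added example that is not the poster's code: a std-only Rust writer that reserves the file header and section table, streams the section data, then rewinds to fill in the headers, plus a bounds-checked reader for the section table. The function names, the 4-byte padding and the sample section contents are assumptions made for this example; field sizes follow the Microsoft PE format reference.

```rust
use std::io::{Cursor, Seek, SeekFrom, Write, Result};

// Sections are (name, Characteristics, raw data). No relocations or symbols are emitted.
pub fn write_coff<W: Write + Seek>(out: &mut W, machine: u16, sections: &[(&str, u32, &[u8])]) -> Result<()> {
    // File header (20 bytes) + section table (40 bytes each): size is known up front.
    out.seek(SeekFrom::Start(20 + 40 * sections.len() as u64))?;
    let mut placed = Vec::new(); // (PointerToRawData, SizeOfRawData) per section
    for (_, _, data) in sections {
        let pos = out.stream_position()?;
        let pad = ((4 - pos % 4) % 4) as usize; // 4-byte alignment: a choice made for this example
        out.write_all(&[0u8; 4][..pad])?;
        placed.push((pos as u32 + pad as u32, data.len() as u32));
        out.write_all(data)?;
    }
    // Rewind and fill in the fixed-position part now that offsets and sizes are known.
    out.seek(SeekFrom::Start(0))?;
    let mut hdr = Vec::new();
    hdr.extend_from_slice(&machine.to_le_bytes());
    hdr.extend_from_slice(&(sections.len() as u16).to_le_bytes());
    hdr.extend_from_slice(&[0u8; 16]); // timestamp, symbol table pointer/count, optional header size, flags
    for ((name, flags, _), (offset, size)) in sections.iter().zip(&placed) {
        let mut short_name = [0u8; 8];
        let n = name.len().min(8);
        short_name[..n].copy_from_slice(&name.as_bytes()[..n]);
        hdr.extend_from_slice(&short_name);
        hdr.extend_from_slice(&[0u8; 8]); // VirtualSize, VirtualAddress
        hdr.extend_from_slice(&size.to_le_bytes());
        hdr.extend_from_slice(&offset.to_le_bytes());
        hdr.extend_from_slice(&[0u8; 12]); // relocation/line-number pointers and counts
        hdr.extend_from_slice(&flags.to_le_bytes());
    }
    out.write_all(&hdr)
}

// Reads back (name, PointerToRawData, SizeOfRawData); None if the table is truncated.
pub fn read_sections(buf: &[u8]) -> Option<Vec<(String, u32, u32)>> {
    let u32_at = |o: usize| buf.get(o..o + 4).map(|b| u32::from_le_bytes([b[0], b[1], b[2], b[3]]));
    let count = u16::from_le_bytes([*buf.get(2)?, *buf.get(3)?]) as usize;
    (0..count).map(|i| {
        let h = 20 + 40 * i;
        let name = String::from_utf8_lossy(buf.get(h..h + 8)?).trim_end_matches('\0').to_string();
        Some((name, u32_at(h + 20)?, u32_at(h + 16)?))
    }).collect()
}
fn main() {
    let mut out = Cursor::new(Vec::<u8>::new());
    write_coff(&mut out, 0x8664, &[(".rsrc", 0x4000_0040u32, &b"RSRC!"[..])]).unwrap(); // constructed sample
    println!("{:?}", read_sections(out.get_ref()));
}
```

The reader only checks that the section table itself fits in the buffer; a consumer of untrusted object files would also need to validate each PointerToRawData and SizeOfRawData against the file length before using them.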

Currently I’m using the object crate from https://github.com/gimli-rs/object. It’s good and pretty easy to use once you know what output you want to get, but it comes with a whole lot of dependencies for something that's supposed to be a one-liner in build.rs.

So, I’m changing the code that writes .o files for Rust GNU compiler targets back to my own code, but this time I (think I) know what’s going on with #COFF symbols, relocations, alignment and so on.

I’m using https://docs.microsoft.com/en-us/windows/win32/debug/pe-format for reference.
