The fake PE images shown above aren't "real" memory allocations, but rather dual mappings of already loaded legitimate images, and they seem to be randomized on every boot. I'm not sure why exactly it's done, but likely to screw up kernel exploit primitives like "using memory scanning to determine the kernel base address from a leaked pointer", since it's impossible to get the kernel base address from a low-privileged process on modern versions of Windows 2/2
While playing with my Hyper-V backdoor on Windows Server 10.0.20348 test machine I noticed some pretty unexpected memory content in the discardable sections of PE images belonging to the NT kernel. It turns out that on modern systems the kernel plants "fake" PE images into these sections, which normally shouldn't be mapped at all due to the IMAGE_SCN_MEM_DISCARDABLE attribute 1/2
LMAO, you apparently can encode “trigger refusal” magic string and it will still work
Pentest bot experiment I mentioned earlier goes really well: Claude Opus managed to solve all easy/medium/hard difficulty level tasks available for non-paid HTB account and currently works on its 2-nd insane difficulty box -- this is really cool, much better than I expected. DeepSeek model got stuck somewhere at the medium difficulty
Another one completed. It stuck a bit at reversing .NET binary since bot didn't have a proper decompiler in its container, but overall it went relatively smooth
Reference picture of properly packed vintage electronics, 10 cm of polyurethane foam on each side: simple, efficient and cheap — take note, sellers
w0000t! Pentest bot successfuly got its first flag on medium level HTB challenge 😊 It took about 3.5 hours to reach it, while top-tier human player (#3 of HTB rating) spent ~1 hour. I intentionally choosed relatively fresh task with no writeups so model doesn't have any task-specific knowledge in its training data and thereforce can't cheat, at least in obvious ways
Doesn’t gets along well with other cats yet, but at least she have a family now 🥰
What the hell is going on 😵💫😵💫😵💫
