The Hacker News

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Researchers found Chinese-linked attackers abused SonicWall VPN access and VMware ESXi zero-day flaws to escape VMs and gain ...
The Hacker News

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes

Cisco Talos reports China-linked UAT-7290 spying on telecoms since 2022 using Linux malware, edge exploits, and ORB ...

VMware ESXi zero-days likely exploited a year before disclosure

Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted ...
IEEE

Identification of Arbitrary Length Shellcode for the Intel x64 Architecture as a NOP Sled

Abstract: A NOP (no-operation) sled is used as part of binary exploitation code to provide flexibility for exploitation accuracy and evade signatures before and after the exploitation has occurred and ...
GitHub

Example of run-time manual PLT in C.

TL;DR: Write a C program that calls libc functions, compile it to a shellcode, load it in memory. Featuring function scraping from ELF as "procedure linkage", code & compilation tricks, and more. If ...
GitHub

Splitting and executing shellcode across multiple pages

Target shellcode is a PopCalc by Bobby Cooke (boku). The purpose of this PoC is to demonstrate signature evasion by allocating multiple (whole) pages for a relatively small encoded shellcode, ...