Category: backdoors

Capturing Windows 2K and XP Credentials at logon using stub GINA DLL

I wrote this DLL years ago and spoke about it at Rochester BSides last year. I’ve been meaning to post this since then, but time tends to get away from me. Because Windows 2K and XP might not be around that much longer, I’m going to keep this post short and sweet. You can download […]

Genesis – Generic Rootkit Dropper with SSL Support

Quick update to add SSL support to Genesis, my (very) generic rootkit dropper, which you can download at http://leetsys.com/programs/genesis/genesis-ssl.zip. This allows us to download our rootkit over an encrypted tunnel. Genesis still uses the curl library; however, I chose not to compile it statically in this case. If you wanted to compile this statically you’d have […]

Capturing Windows 7 Credentials at Logon Using Custom Credential Provider

For the Eternally Impatient: The quick lowdown: I wrote a DLL capable of logging the credentials entered at logon for Windows Vista, 7 and future versions, which you can download at https://github.com/tdubs/credential-provider. The credentials are logged to a file located at c:\cplog.txt. Simply copy the DLL to the system32 directory and run the included register.reg […]

Covert System Manipulation Tool – SimSim

Scenario: You have an Internet system that you would like to administer remotely without leaving the administrative service open to the entire Internet. However, you’re not always coming from the same source IP address. Although it’s common practice to restrict access to only secure administration services (e.g. SSH), I’d like to avoid having any TCP […]

Genesis – Generic file (rootkit) dropper

I just wrote this simple rootkit dropper using the curl library, which is extremely easy to customize to fit many needs. Currently there are only three defines to change to specify the file you want to download and run. Right now I’ve tested it grabbing the file via HTTP and executing it; it works very nicely. […]