• C# Predict the Random Number Generator of .NET

    This post aims to underline the predictability of the random… or better said pseudo-random number generator (PRNG) exposed by the .NET framework (aka the Random() class), under certain assumptions. Because of the nature of the implementation, 100% accuracy can be...


  • Bypassing ASLR and DEP - Getting Shells with pwntools

    Today, I’d like to take some time to present a short trick to bypass both ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention) in order to obtain a shell in a buffer-overflow vulnerable binary. I’ve seen this...


  • C# Inject a Dll into a Process (w/ CreateRemoteThread)

    Since I’ve been asked if this is possible - well…you can do DLL Injection using C# but the injected DLL must be written in a language that doesn’t depend on a CLR (C/C++ would be a good option here, but...


  • C# Make a Critical Process (BSoD if Killed)

    A critical process is a type of process that Windows requires to be running - csrss.exe is an example of such a process. Whenever a process like this finishes its execution (or is terminated) Windows will respond with an authentic Blue...