Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signature? #2

Open
vvalien opened this issue Dec 19, 2016 · 2 comments
Open

Signature? #2

vvalien opened this issue Dec 19, 2016 · 2 comments
Labels
question

Comments

@vvalien
Copy link

vvalien commented Dec 19, 2016

Not a issue, just a question... What exactly is that a signature of ???

Also the ability to dump the memory would make a nifty feature.

Cheers and Awesome work!!!
@DamonMohammadbagher
Copy link
Owner

for detail information about signature you should ask from these guys : Rohan Vazarkar , David Bitner ,

@zelon88
Copy link

zelon88 commented Jan 10, 2020
edited
Loading

Hello!

I too am greatly interested in this project as well as AntiPwny (by Rohan Vazarkar and David Bitner).

I wanted to give you guys the heads up that I have asked a similar question about this signature over at rvazarkar/antipwny#3

It appears that Meterpreter_Payload_Defense took the original signature, shortened the hex to omit the "0x" portion, and encoded it as base64. The original signature from Rohan Vazarkar and David Bitner doesn't have much in the way of comments or background information either. It would be interesting to know where it came from so we could possibly hone it in, or extend it to detect other injected payloads as well.

Thanks for posting!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@vvalien @zelon88 @DamonMohammadbagher