https://fgsec.net/FgsecThis blog is my honest attempt to share knowledge with different people, and learn more in the process. 2021-10-25T22:23:45-03:00 Felipe Gaspar https://fgsec.net/ Jekyll © 2021 Felipe Gaspar /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png Dynamically resolving syscalls in C#2021-05-04T13:00:00-03:00 2021-10-25T22:23:22-03:00 https://fgsec.net/posts/Dynamically-resolving-syscalls-in-CSharp/ Felipe Gaspar This post aims to describe and provide example code on how you can dynamically resolve syscalls using only C#. What are System calls? TL;DR: System calls or just syscalls are used by applications to perform tasks that are executed by the kernel, such as opening files, allocating memory, and so on. In the offensive context, you can use them to evade API hooks used by security products to inter... Injecting dotNet Assemblies to Unmanaged Processes2021-02-09T13:00:00-03:00 2021-02-13T01:12:42-03:00 https://fgsec.net/posts/Injecting-dotNet-Assemblies-To-Unmanaged-Processes/ Felipe Gaspar This is a quick post to show how you can inject your .NET assembly code to unmanaged processes. Generate the ShellCode As an example, I will be using a Mythic implant. But feel free to develop your own payload. For this task we will use the Donut project, you can read more about it here. The syntax is very simple, we need to indicate our payload (-f), the Class preceded by the Namespace (-c... Bypass Upload Restrictions and Evade Detection2021-01-22T13:00:00-03:00 2021-02-13T01:12:42-03:00 https://fgsec.net/posts/Bypass-Upload-Restrictions-and-Evade-Detection/ Felipe Gaspar Let’s be honest, bypassing upload restrictions is not something new and usually involves different methods to achieve the same goal: execute your 1337 code on your victim; But you can’t always do this without getting caught by the Blue Team. On this post I’ll be showing a combination of an old technique to bypass upload restriction on ASP/.NET applications and some ways to evade detection. St... From CSRF to RCE2020-04-19T13:00:00-03:00 2021-02-13T00:55:40-03:00 https://fgsec.net/posts/From-CSRF-to-RCE/ Felipe Gaspar A few days ago I started taking interest in Bolt, a content management that quoting from its github, is a “Sophisticated, lightweight & simple CMS”. The team behind it really did a great job in making the CMS easy to use, and packed with a lot of features. I truly recommend you checking out their project if you are looking for a cool new CMS to use. Affected Version Bolt CMS 3.6.6 - It... New blog again2020-03-10T00:00:00-03:00 2021-02-13T00:46:46-03:00 https://fgsec.net/posts/New-Blog-Again/ Felipe Gaspar Ok, I’m not good at this blogging stuff but let me try it again. I hope to share new things I learn or just use this as a way to keep notes.