Debug Environment Variable are \o/

May 3, 2021 in Autostart (Persistence), Living off the land, LOLBins

Looking at the list of debug environment variables one can immediately spot a lot of room for abuse. One can hypothesize that setting e.g. _NT_SYMBOL_PATH, _NT_ALT_SYMBOL_PATH, _NT_SYMBOL_PROXY, SRCSRV_INI_FILE to point […]


May 2, 2021 in Living off the land, LOLBins

This post wraps up another Twitter thread I started a few days ago: If you ever get bored using “copy” to copy files you can always use … curl: curl […]