| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAHK0WRm9+fXDf4yyM_oOEp6n6OVmUs_JGrZgDip-jTJABcrKQ@mail.gmail.com> Date: Mon, 6 May 2024 22:01:29 -0400 From: malvuln <malvuln13@...il.com> To: fulldisclosure@...lists.org Subject: [FD] RansomLord v3 / Anti-Ransomware Exploit Tool Released Proof-of-concept tool that automates the creation of PE files, used to exploit Ransomware pre-encryption. Updated v3: https://github.com/malvuln/RansomLord/releases/tag/v3 Lang: C SHA256: 83f56d14671b912a9a68da2cd37607cac3e5b31560a6e30380e3c6bd093560f5 Video PoC (old v2): https://www.youtube.com/watch?v=_Ho0bpeJWqI RansomLord generated PE files are saved to disk in the x32 or x64 directories where the program is run from. Goal is to exploit vulnerabilities inherent in certain strains of Ransomware by deploying exploits that defend the network! The DLLs may also provide additional coverage against generic and info stealer malwares. RansomLord v3 release notes: Adding six more Ransomware to the victim list for a grand total of 49 StopCrypt, RisePro, RuRansom, MoneyMessage, CryptoFortress and Onyx. Windows event log now includes SHA256 hash of the intercepted malware. https://github.com/malvuln/RansomLord MALVULN _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists