ITSEC Newsletter 2023-07-06

"One key issue that Hell's Gate solves is the avoidance of hardcoded System Service Numbers (SSNs), also known as syscall IDs, in direct syscall POCs. Instead, it allows for the dynamic retrieval of SSNs from native functions within the ntdll.dll at runtime. This is crucial as SSNs can change between different versions of Windows, and in a realistic scenario or during a red team engagement, the target's specific Windows version is often unknown. Thus, hardcoding SSNs poses a risk and could lead to failure in the attack, a problem effectively addressed by the Hell's Gate technique."

"I have created a new .NET tool named AtlasReaper that calls the Atlassian REST APIs for Confluence and Jira. It is designed to run in-memory from C2 agents, with the aim of minimizing the network overhead generated from a SOCKS proxy. This tool has several features, including listing spaces, pages, attachments, projects, issues (and comments), usernames, and emails, and has the ability to search by a provided keyword. I have also included some features for adding content to pages and issues."

"This article discusses the security concerns which must be taken into account whenever designing an embedded system. Failure to account for these security concerns in the system’s threat model can lead to a compromise of the most sensitive data within."