BC INTERNET

Saved by @Alex1Powell

Jonas L
@jonasLyk 3 years, 4 months ago 1159 views

Save to PDF Share See On Twitter

Wanna disable Defender when enabled Isolated Core and Tamper protection?

Its a bit more trouble- but doable, without ruining Isolated Core/Secureboot etc.

Defenders process will run as a unkillable protected service- so new tricks needed.

Here we go:

Ok- tamper protection is easy, just make .bat - run as adm:
:again
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WdFilter\Instances\WdFilter Instance" /v altitude /t REG_SZ /d -1 /f
goto again

Then unload minifilter with process hacker:

The registry key will be changed while the minifilter do not protect it, when tamper protection makes the driver load again it cannot attach to volumes nor protect registry keys.

Removing it will make it recreate, but invalid altitude do the trick

Notice now the service is: Protected light(antimalware)
Now we cant do anything to the service/process- not even see its open handles.

Lets start by elevating to SYSTEM- just launch a command prompt, then close process hacker- and run it again from the command prompt.
Now process hacker runs as SYSTEM

Find the services process again- select the token tab.

Right click and disable the two groups:

WinDefend
Administrators

https://t.co/vSDPatKkXK

Now defender no more constant opens files- it dosnt do anything actually....

If you wanna permanently disable it its easy enough now there is no protection on its files.

If you mklink MsMpLics.dll:q nul it will not run on restart- but you loose the isolated core status :S

But secure boot and core isolation is still running fine

I am surprised that the protected services tokens are not protected.... that seems like bad design...

It also means we can impersonate them- here I impersonate SecureSystem:

More from Internet

Pasquale "Pat" Scopell...
@ThyConsigliori

29 December 2020 #MAGAanalysis #Overturn

Comments On @OptimisticCon Article:

The key supporting effort appears to be underway on Trump’s operational timeline

As we emphasized yesterday, J.E. Dyer commands us: "But do hold the line."

Dave Troy
@davetroy

THREAD: Now that @Amazon @awscloud has announced they will no longer host @parler_app, many have speculated that they will just “find another host.”

Here is why that’s not so simple and what it will likely mean for the app’s future. First, let’s look at where things are...

2/ Google and Apple have removed the app from their app stores, effectively terminating growth on mobile devices. People can still access the (not good) web UI until Amazon terminates them today. CEO Matze has said they may be down “up to a week” while they find new hosting.

3/ Translated to English, that’s code for “we have no idea what’s going to happen next.” No US cloud provider (Microsoft, Google, IBM, Digital Ocean) is likely to touch this, as it could be seen as providing material support for sedition. No CEO or counsel wants to get near this.

4/ They could potentially “roll their own” data center by buying servers and putting them in a co-location facility. But that’s a single point of failure, and many colo providers would be just as likely to decline their business. It would be hard and risky to pursue this.

5/ Imagine, after they sweated like pigs to get this hardware all setup, if they get told their colo provider is booting them. That’s a lot of metal to then move somewhere else. Meanwhile, the user base is deteriorating because chaos and dying apps. They will go to other venues.

Advertisement

Kyle Hanslovan
@KyleHanslovan

Only 1 / 67 antivirus engines list SUNBURST backdoor as malicious - SolarWinds.Orion.Core.BusinessLayer.dll https://t.co/taaiUtSJzR #SUNBURST #UNC2452

SolarWinds' digital certificate hasn't been revoked yet.

The full compromised package is still being hosted online as well 😓 hxxps://downloads.solarwinds[.]com/solarwinds/CatalogResources/Core/2019.4/2019.4.5220.20574/SolarWinds-Core-v2019.4.5220-Hotfix5.msp

Job class within the backdoored #Sunburst DLL is pretty straight forward and aligns with @FireEye's analysis. CollectSystemDescription:

David Evans
@pentops4

Years before Andy Grove was attributed with the phrase:

"Whatever can be done, will be done"

A lot of us technologists assumed this was the case anyway.

It's a truism.

What if we could track every person on the planet in real time?

Or at least everyone in a major city

🤔🔮

So, given someone has this idea.

Then the only question is can it be done.

Well, we're already installing all the tech to do this for autonomous vehicles, drones and smart city infrastructure.

It really wouldn't be a huge leap to do that for people.

But how might that be possible 🤔

Sure we can already do it with phones right, but not everyone has a phone and sometimes the batteries die blah blah.

Could we do it in a way that it was difficult to circumvent, and always active?

Well, maybe we could if we put our thinking caps on about the problem.

--- this line intentionally left blank ---

Now I'm going to enter the wild world of wild speculative futurism, so take everything else with a pinch of salt 🧂

--- this line intentionally left blank ---

Turns out cell phone towers pinpoint the location of your phone as part of how they work.

And then as you move around you switch from one tower to another.

I think most people get this.

Something like the image below

$words are weapons \u26a1$

words are weapons ⚡...
@vimoh

I have been a Substack and Patreon user for a few years now. And though more than one social media giant has, in recent months, expressed the desire to help writers and journalists monetise their audience, there are very good reasons to take these SOPs with a pinch of salt.

Because the reason Patreon and Substack came into existence was not the need for a new business model. It was as a cure for the old business model - an algorithm-driven ad revenue system that powered the attention economy. The attention economy turned audiences into scrollers...

...who were in it for the next viral hit. Quality of information suffered, the nature of discourse suffered, and as a result, democracy itself suffered. Much of this was enabled by the social media giants who are trying to copy the Substack and Patreon model right now in an...

...attempt to "put creators first". But what we must not lose sight of is that the Substack / Patreon model only emerged as a result of the bad practices the social media giants enabled. The algorithm made a toxic internet possible and they were what hit back. Today, multiple...

...podcasting tools video streaming services have donation buttons built in. But it was not always so. I applaud all attempts that anyone makes to help independent media not have to rely on ad money, but I am not going to ever be able to see Facebook's newsletter tool as a...

You May Also Like

$Ranvijay Singh\U0001f1ee\U0001f1f3$

Ranvijay Singh🇮🇳...
@ranvijayT90

#Thread Two divine forms of Khatu Shyam ji...

On the day of Amavasya, devotees get the darshan of Shyam Baba in Shyam varan (black color). In ordinary days, the form of Baba is saffron. The reason for this is a custom. The real head of Shyam Baba which had appeared from Shyam Kund is of Shyam varan.

Every day Shyam Baba's grand Shringar is done by Pujaris. The main part of Shyam Baba's shringar is Tilak. This Shringar is done by the members of Nij Mandir sevaks. The sevaks of the Nij Mandir do sandalwood tilak to Baba everyday in the auspicious time.

This Divine Tilak is applied from the forehead to the nose. When Baba is given a bath by sevaks, this tilak comes off. Then in the auspicious time, the sevaks again apply tilak to Baba.

There is no auspicious time on the Amavasya. Because of this, tilak is not done on that day. That's why devotees have darshan of Shyam Baba on the Amavasya only in the actual real form (Shyam Swaroop). Baba's tilak is done on Amavasya only on the day of Deepawali.

James Clear
@JamesClear

My top 10 tweets of the year

A thread 👇

https://t.co/xj4js6shhy

Entrepreneur\u2019s mind.
Athlete\u2019s body.
Artist\u2019s soul.
— James Clear (@JamesClear) August 22, 2020

https://t.co/b81zoW6u1d

When you choose who to follow on Twitter, you are choosing your future thoughts.
— James Clear (@JamesClear) October 3, 2020

https://t.co/1147it02zs

Working on a problem reduces the fear of it.

It\u2019s hard to fear a problem when you are making progress on it\u2014even if progress is imperfect and slow.

Action relieves anxiety.
— James Clear (@JamesClear) August 30, 2020

https://t.co/A7XCU5fC2m

We often avoid taking action because we think "I need to learn more," but the best way to learn is often by taking action.
— James Clear (@JamesClear) September 23, 2020

Advertisement

Meet Shah
@ms89_meet

List of companies with more than 50% Market Share:

1) Maruti Suzuki (passenger cars)
2) APL Apollo (structural & pre galvanized tubes)
3) CDSL (investors accounts)
4) Interglobe Aviation (air traffic passengers)
5) GMM Pfaudler (glass lined equipment)

6) Asian Paints (decorative paints)
7) Colgate (oral care)
8) Symphony (coolers)
9) PGHH (female care & vaporub)
10) La Opala Rg (opalware)
11) HLE Glasscoat (filtration & drying equipment)
12) Delta Corp (online poker games)
13) Bajaj Auto (3W segment)
14) Vinati Organics (IBB)

15) OCCL (insoluble sulphur)
16) LMW (textile machinery)
17) Bajaj Consumer (almond hair oil)
18) Indiamart Intermesh (online B2B Classified space)
19) Vst Tillers (power tillers)
20) Sanghvi Movers (overall domestic crane hiring market)
21) Emami (antiseptic & male grooming)

List of companies with more than 60% Market Share:

1) Concor (domestic container cargo transport)
2) Exide (lead batteries)
3) Naukri (Indian job market space)
4) Praj (ethanol plant installing)
5) ACE (mobile & tower cranes)
6) Pidilite (adhesives)
7) Jamna Auto (leaf spring)

8) CAMS (RTA within mutual fund industry)
9) Time Technoplast (polymer based industrial packaging)

Pegasus of Dharma
@HarduttSuhas

The BATTLE OF PAVAN KHIND (13 July 1660)

300 MARATHAS against 10000+ ADIL SHAHI TROOPS

A Sparta style last man stand at a mountain pass which ensured Shivaji Maharaj's safety.

Valour, loyalty and sacrifice!

Baji Prabhu Deshpande was one of the most able lieutenants of Shivaji. He sacrificed his life defending Shivaji in a heroic last stand known as the "Battle of Pavan Khind" in which his force was hugely outnumbered.(1)

In this battle he became a martyr, but managed to halt the enemy forces for several hours, which secured Shivaji’s safety and victory on another front. Without this heroic last stand Shivaji’s glorious career may have been cut short.(2)

Baji Prabhu was senior to Shivaji. In the beginning he opposed Shivaji being from a rival Maratha clan, but realised that Shivaji stood for national resurgence. Henceforth he became a friend and loyal supporter of Shivaji.(3)

In 1660, Shivaji was trapped in the fort of Panhala, under siege and vastly outnumbered by an Adilshahi army led by general Siddhi Jauhar.(4)

Sahil
@sahilypatel

A list of cool websites you might now know about

A thread 🧵

1) Learn Anything - Search tools for knowledge discovery that helps you understand any topic through the most efficient

2) Grad Speeches - Discover the best commencement speeches.

This website is made by me

3) What does the Internet Think - Find out what the internet thinks about anything

4) https://t.co/vuhT6jVItx - Send notes that will self-destruct after being read.