Questions tagged [process]

76 questions
2
votes
1 answer

Kernel32.dll, Kernelbase.dll and Malware

I noticed that the same malware will export CreateProcessInternalW from kernel32.dll in Windows 7 and KernelBase.dll in Windows 10. Why is it exporting the same function from different DLLs?
Limpid.Security
  • 119
  • 1
  • 1
  • 8
2
votes
1 answer

Understanding processes in "people, process and technology"

In the "people, process and technology" security model popularized by Bruce Schneier (link), it is discussed how exploits/attacks can occur on any of these 3 broad levels. For exploiting technology, that is relatively common. Pentests, exploiting…
alf3nso
  • 21
  • 1
2
votes
2 answers

Can a zipped malware execute?

I have a malicious file zipped in .gz which was not opened. However, when I tried to delete the folder containing the file, I wasn't able to due to running processes. Can a zipped malware execute itself in Windows?
George
  • 739
  • 1
  • 6
  • 22
2
votes
1 answer

Why are PID-suffixed temporary files a vulnerability?

Why is this a security issue?

> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820331
>
> very predictable temporary files (like /tmp/cronic.out.$$) that depends only on PID:
> OUT=/tmp/cronic.out.$$
> ERR=/tmp/cronic.err.$$
> …
DocSalvager
  • 161
  • 4
1
vote
0 answers

What are the potential threats of an insecure IPC communication in Windows OS?

There are two processes on a Windows machine: one is related to user interface (UI) and the other is a backend service running locally. The UI process sends data to the backend service and they mutually communicate with each other using…
userbb
  • 111
  • 2
1
vote
1 answer

Purpose of Real UID in spite of setresuid()

While reading the manual page of setresuid() a question arose about the purpose of Real UID. As mentioned in the man page: setresuid() sets the real user ID, the effective user ID, and the saved set-user-ID of the calling process. Unprivileged user…
Amit Gabay
  • 13
  • 5
1
vote
0 answers

Clarification on log4j Service Requirements

We're currently trying to prioritize our mitigations for CVE-2021-44228. The obvious priority is to deal with any Internet-facing Java (Apache?) applications that use a vulnerable log4j library and/or Java binary first. For multi-user Linux systems,…
1
vote
0 answers

Process hollowing and the Import Address Table

I have been learning and implementing Process Hollowing attacks, and even after I got the thing to work, I have some questions. Why aren't we building the IAT when we load our injected PE? All we do is copy the headers and the sections, fix…
1
vote
0 answers

Hidden Process Discovered in Tails OS

How concerned should I be about this result from unhide?

unhide-linux scan starting at: 17:02:43, 2020-03-23
Used options: logtofile
[*]Searching for Hidden processes through /proc stat scanning
[*]Searching for Hidden processes through /proc…
Patriot
  • 277
  • 3
  • 15
1
vote
1 answer

Is there any security issue when two different processes use different hard links of the same file?

To reduce disk space I have planned to use a hard link instead of a full copy. Is there any security issue when two different processes use different hard links of the same executable file as their base?
1
vote
0 answers

SeDebugPrivilege and OpenProcess() - Trying to understand how Windows restricts access to a process' virtual memory

I’ve been trying to understand how operating systems protect processes from each other. My understanding of Windows security is that a process can call OpenProcess() (thereby allowing read and write access to the virtual memory of another process)…
Ted
  • 11
  • 2
1
vote
1 answer

Are there totally isolated processes or services possible under Windows?

I want to program a little security watchdog for my Windows 10 machine. This watchdog should start directly after boot and should be active, no matter which user is currently logged in. None of the users should be able to see what's happening…
Christian
  • 11
  • 1
1
vote
2 answers

What to review for server decommission?

I’ve read that the information security teams should be involved in the decommission process for servers (for example this answer or this sample process guide). They are supposed to review and approve the decom request. What is infosec supposed to…
1
vote
1 answer

When calling a process from another process, is sending a password via stdin more secure than via an environment variable?

I am a Java developer who is building an app that needs to call a C# process from within. In my situation, the Java app is calling this C# program: https://github.com/nddipiazza/SharepointOnlineCookieFetcher. This C# program requires a password.…
1
vote
1 answer

Unknown process shuts down computer when ending process tree

(I'm not sure if this is the correct place for this question.) A few minutes ago, I discovered a strange process running in the background: "P3RTZCU17K.exe". I googled it with quotes and zero results were returned. When I ended the process,…
Pearson
  • 11
  • 2