If you are a red team player, this article gives you an expectation of what information (e.g. credentials) is available in an executable file. In addition, traditional anti-virus relies on recognizing signatures (keywords). A better understanding of the relationship between source code and the compiled executable certainly enhances the ability to evade this defense technology.
On the other hand, if you are a blue team player, you may review executables with the developer before credential information leaks into the wrong hands. Moreover, when performing initial malware analysis, you will also have the correct expectations when evaluating an executable file.
All the source code used in our testing is also available for download via our GitHub repository here. We are not going to discuss every source file used in this testing because we do not want to make it a programming article. Therefore, instead of discussing the source code for each language, we will only discuss one example. Below is a code snippet in VB .NET:
To conclude, do not assume an executable file can help keep your secrets; an attacker may be able to dump a password from an exe file. For instance, I saw some organizations reasonably protect scripts containing credentials, but wrongly leave executable files with embedded credentials unprotected. Moreover, an executable packer such as UPX can hide that credential information, but the information can still be extracted. We will further explore anti-debugging techniques to protect an executable in the future.
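The review step described above can be automated before a build is released. The following is an added example, not code from the original article or its repository: it extracts both ASCII and UTF-16LE strings from a binary (.NET compilers store string literals as UTF-16, which an ASCII-only scan misses) and flags the credential-like ones. The keyword list, the minimum length and the sample bytes are assumptions constructed for illustration.

```python
import re
import sys

MIN_LEN = 6  # assumption: shorter printable runs are mostly noise

# Printable ASCII runs, and the same characters encoded as UTF-16LE.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)

# Assumed keyword list; tune it to the naming used in your own code base.
CRED_HINT = re.compile(
    r"(passw(or)?d|pwd|secret|api[_-]?key|token|user\s*id|uid)\s*[=:]", re.I)

# Constructed sample, not a real binary: an ASCII literal as a native
# compiler would emit it, followed by a UTF-16LE literal as .NET stores it.
SAMPLE = (b"MZ\x90\x00" + b"\x00" * 16
          + b"Server=db01;User Id=svc_app;Password=Example#123;\x00"
          + b"\x01\x02\x03\x04"
          + "api_key=CONSTRUCTED-VALUE".encode("utf-16le") + b"\x00\x00")


def extract_strings(data: bytes):
    """Yield (offset, encoding, text) for every printable run in data."""
    for m in ASCII_RUN.finditer(data):
        yield m.start(), "ascii", m.group().decode("ascii")
    for m in UTF16_RUN.finditer(data):
        yield m.start(), "utf-16le", m.group().decode("utf-16le")


def find_credential_strings(data: bytes):
    """Return the extracted strings that look like embedded credentials."""
    return [(off, enc, text) for off, enc, text in extract_strings(data)
            if CRED_HINT.search(text)]


if __name__ == "__main__":
    # Scan the file given on the command line, or the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
    else:
        blob = SAMPLE
    for off, enc, text in find_credential_strings(blob):
        print(f"0x{off:08x} [{enc}] {text}")
```

Run it against the unpacked build artifact: a packed file hides these strings from a static scan, which is the UPX caveat noted above, so a clean result on a packed binary proves nothing.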
A long time ago, I discovered I could bypass VPN restrictions using WSL. Certainly, it gave me some convenience during my work.
Have you ever done a similar thing? For instance, you figure out how to work around a security control to complete your sysadmin duties.
Many security professionals know the importance of PowerShell logging. It gives us great visibility for the Incident Response and Threat Hunting processes. FireEye wrote a great article about PowerShell logging here. As Microsoft has already launched PowerShell Core, we also need to consider PowerShell Core (PowerShell 6/7) logging. As a side note, the executable name of PowerShell Core is pwsh.exe, so it usually co-exists with the original powershell.exe executable. In reality, organizations are shifting more and more workloads to clouds such as Azure. Both developer and operations teams tend to use more and more PowerShell to manage their cloud instances. I saw some developer and operations teams install PowerShell Core on their own. This may be risky! So, I suggest we turn on logging before they install the tools.
Xenon is a chemical element; it has symbol Xe and atomic number 54. It is a dense, colorless, odorless noble gas found in Earth's atmosphere in trace amounts.[15] Although generally unreactive, it can undergo a few chemical reactions such as the formation of xenon hexafluoroplatinate, the first noble gas compound to be synthesized.[16][17][18]
Xenon is used in flash lamps[19] and arc lamps,[20] and as a general anesthetic.[21] The first excimer laser design used a xenon dimer molecule (Xe₂) as the lasing medium,[22] and the earliest laser designs used xenon flash lamps as pumps.[23] Xenon is also used to search for hypothetical weakly interacting massive particles[24] and as a propellant for ion thrusters in spacecraft.[25]
Naturally occurring xenon consists of seven stable isotopes and two long-lived radioactive isotopes. More than 40 unstable xenon isotopes undergo radioactive decay, and the isotope ratios of xenon are an important tool for studying the early history of the Solar System.[26] Radioactive xenon-135 is produced by beta decay from iodine-135 (a product of nuclear fission), and is the most significant (and unwanted) neutron absorber in nuclear reactors.[27]
Xenon was discovered in England by the Scottish chemist William Ramsay and English chemist Morris Travers on July 12, 1898,[28] shortly after their discovery of the elements krypton and neon. They found xenon in the residue left over from evaporating components of liquid air.[29][30] Ramsay suggested the name xenon for this gas from the Greek word ξένον xénon, neuter singular form of ξένος xénos, meaning 'foreign(er)', 'strange(r)', or 'guest'.[31][32] In 1902, Ramsay estimated the proportion of xenon in the Earth's atmosphere to be one part in 20 million.[33]
During the 1930s, American engineer Harold Edgerton began exploring strobe light technology for high speed photography. This led him to the invention of the xenon flash lamp in which light is generated by passing brief electric current through a tube filled with xenon gas. In 1934, Edgerton was able to generate flashes as brief as one microsecond with this method.[19][34][35]
In 1939, American physician Albert R. Behnke Jr. began exploring the causes of "drunkenness" in deep-sea divers. He tested the effects of varying the breathing mixtures on his subjects, and discovered that this caused the divers to perceive a change in depth. From his results, he deduced that xenon gas could serve as an anesthetic. Although Russian toxicologist Nikolay V. Lazarev apparently studied xenon anesthesia in 1941, the first published report confirming xenon anesthesia was in 1946 by American medical researcher John H. Lawrence, who experimented on mice. Xenon was first used as a surgical anesthetic in 1951 by American anesthesiologist Stuart C. Cullen, who successfully used it with two patients.[36]
In November 1989, IBM scientists demonstrated a technology capable of manipulating individual atoms. The program, called IBM in atoms, used a scanning tunneling microscope to arrange 35 individual xenon atoms on a substrate of chilled crystal of nickel to spell out the three letter company initialism. It was the first time atoms had been precisely positioned on a flat surface.[49]
Xenon has atomic number 54; that is, its nucleus contains 54 protons. At standard temperature and pressure, pure xenon gas has a density of 5.894 kg/m³, about 4.5 times the density of the Earth's atmosphere at sea level, 1.217 kg/m³.[50] As a liquid, xenon has a density of up to 3.100 g/mL, with the density maximum occurring at the triple point.[51] Liquid xenon has a high polarizability due to its large atomic volume, and thus is an excellent solvent. It can dissolve hydrocarbons, biological molecules, and even water.[52] Under the same conditions, the density of solid xenon, 3.640 g/cm³, is greater than the average density of granite, 2.75 g/cm³.[51] Under gigapascals of pressure, xenon forms a metallic phase.[53]
Solid xenon changes from face-centered cubic (fcc) to hexagonal close packed (hcp) crystal phase under pressure and begins to turn metallic at about 140 GPa, with no noticeable volume change in the hcp phase.[54] It is completely metallic at 155 GPa.[55] When metallized, xenon appears sky blue because it absorbs red light and transmits other visible frequencies. Such behavior is unusual for a metal and is explained by the relatively small width of the electron bands in that state.[54]
Liquid or solid xenon nanoparticles can be formed at room temperature by implanting Xe⁺ ions into a solid matrix. Many solids have lattice constants smaller than solid Xe. This results in compression of the implanted Xe to pressures that may be sufficient for its liquefaction or solidification.[56]
Xenon is a member of the zero-valence elements that are called noble or inert gases. It is inert to most common chemical reactions (such as combustion, for example) because the outer valence shell contains eight electrons. This produces a stable, minimum energy configuration in which the outer electrons are tightly bound.[57]
In a gas-filled tube, xenon emits a blue or lavenderish glow when excited by electrical discharge. Xenon emits a band of emission lines that span the visual spectrum,[58] but the most intense lines occur in the region of blue light, producing the coloration.[59]
Xenon is a trace gas in Earth's atmosphere, occurring at a volume fraction of 87±1 nL/L (parts per billion), or approximately 1 part per 11.5 million.[60] It is also found as a component of gases emitted from some mineral springs. Given a total mass of the atmosphere of 5.15×10¹⁸ kilograms (1.135×10¹⁹ lb), the atmosphere contains on the order of 2.03 gigatonnes (2.00×10⁹ long tons; 2.24×10⁹ short tons) of xenon in total when taking the average molar mass of the atmosphere as 28.96 g/mol, which is equivalent to some 394 mass ppb.
Unlike the lower-mass noble gases, the normal stellar nucleosynthesis process inside a star does not form xenon. Elements more massive than iron-56 consume energy through fusion, and the synthesis of xenon represents no energy gain for a star.[69] Instead, xenon is formed during supernova explosions during the r-process,[70] by the slow neutron-capture process (s-process) in red giant stars that have exhausted their core hydrogen and entered the asymptotic giant branch,[71] and from radioactive decay, for example by beta decay of extinct iodine-129 and spontaneous fission of thorium, uranium, and plutonium.[72]
Xenon-135 is a notable neutron poison with a high fission product yield. As it is relatively short lived, it decays at the same rate it is produced during steady operation of a nuclear reactor. However, if power is reduced or the reactor is scrammed, less xenon is destroyed than is produced from the beta decay of its parent nuclides. This phenomenon, called xenon poisoning, can cause significant problems in restarting a reactor after a scram or increasing power after it had been reduced, and it was one of several contributing factors in the Chernobyl nuclear accident.[73][74]
Stable or extremely long lived isotopes of xenon are also produced in appreciable quantities in nuclear fission. Xenon-136 is produced when xenon-135 undergoes neutron capture before it can decay. The ratio of xenon-136 to xenon-135 (or its decay products) can give hints as to the power history of a given reactor and the absence of xenon-136 is a "fingerprint" for nuclear explosions, as xenon-135 is not produced directly but as a product of successive beta decays and thus it cannot absorb any neutrons in a nuclear explosion which occurs in fractions of a second.[75]