This is an awesome mouse perfect to micro your units in SC2 :-)
So I looked around the installation of the SteelSeries Engine 3 software, which allows you to manage your device: "SteelSeries Engine 3 talks directly to your game, which changes your device's illumination in real time, based off of in-game events."
In the installation folder, I found the following interesting binary:
win_driver_installer.exe
This binary is digitally signed by SteelSeries:
I tried to run it and I got the following error:
The binary win_driver_installer.exe tried to load SSEdevice.dll which is also signed.
So I forged a C++ .dll that leverages a PowerShell payload and tries to connect to one of my Cobalt Strike servers, and I tried to get it side-loaded by win_driver_installer.exe, but unfortunately I got this new error:
I changed my entry point in my .dll:
I checked the export worked:
I ran it again and... bingo, I have a beacon!
That's all folks!
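From the detection side, the behaviour described above (a signed win_driver_installer.exe loading an SSEdevice.dll that is not the vendor's) shows up in Sysmon Event ID 7 (ImageLoad) records. The following is an added example, not code from the original post: it assumes the events are already parsed into dicts with Sysmon's field names, and the signer string and all paths are constructed placeholders.

```python
import ntpath  # parses Windows paths on any OS

# Assumption: placeholder signer, not the vendor's real certificate subject.
# Populate it from a known-good installation.
BASELINE = {
    ("win_driver_installer.exe", "ssedevice.dll"): "EXAMPLE-VENDOR-SIGNER",
}

def check_image_load(event, baseline=BASELINE):
    """Return a reason if a Sysmon EID 7 record looks like side-loading, else None."""
    host = ntpath.basename(event["Image"]).lower()
    dll = ntpath.basename(event["ImageLoaded"]).lower()
    expected = baseline.get((host, dll))
    if expected is None:
        return None  # not a host/DLL pair we track
    if event.get("Signed", "false").lower() != "true":
        return "unsigned"
    if event.get("SignatureStatus") != "Valid":
        return "invalid signature"
    if event.get("Signature") != expected:
        return "unexpected signer"
    return None

def triage(events):
    """Return (dll_path, reason) for every suspicious image load."""
    hits = []
    for ev in events:
        reason = check_image_load(ev)
        if reason:
            hits.append((ev["ImageLoaded"], reason))
    return hits

# Constructed sample records (paths and signers are illustrative only).
SAMPLE_EVENTS = [
    {"Image": r"C:\Example\Vendor\win_driver_installer.exe",
     "ImageLoaded": r"C:\Example\Vendor\SSEdevice.dll",
     "Signed": "true", "Signature": "EXAMPLE-VENDOR-SIGNER", "SignatureStatus": "Valid"},
    {"Image": r"C:\Users\Public\demo\win_driver_installer.exe",
     "ImageLoaded": r"C:\Users\Public\demo\SSEdevice.dll",
     "Signed": "false", "Signature": "-", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Temp\demo\win_driver_installer.exe",
     "ImageLoaded": r"C:\Temp\demo\SSEdevice.dll",
     "Signed": "true", "Signature": "EXAMPLE-OTHER-SIGNER", "SignatureStatus": "Valid"},
]

if __name__ == "__main__":
    for path, reason in triage(SAMPLE_EVENTS):
        print(f"ALERT {path}: {reason}")
```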