You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, I am trying to emulate Turla Snake Day 2. I compile snake drivers and installer also compiled EPIC payload to connect my control server. EPIC payload successfully connects to control server and from control server I copied snake payload to victim machine and executed snake installer.
Snake installer successfully loaded vulnerable driver and deleted. Now on edge I browsed some url to make some internet connections. And i can see "C:\Windows\msnsvcx64.dll" is loaded in msedge.exe process. Heartbeat was sent and contrl server responded with "1". now I don't see injection into taskhostw.exe and GUID is not registered on control server. What could be the problem? could you please guide me.
Contribution Description
Hi, I am trying to emulate Turla Snake Day 2. I compile snake drivers and installer also compiled EPIC payload to connect my control server. EPIC payload successfully connects to control server and from control server I copied snake payload to victim machine and executed snake installer.
Snake installer successfully loaded vulnerable driver and deleted. Now on edge I browsed some url to make some internet connections. And i can see "C:\Windows\msnsvcx64.dll" is loaded in msedge.exe process. Heartbeat was sent and contrl server responded with "1". now I don't see injection into taskhostw.exe and GUID is not registered on control server. What could be the problem? could you please guide me.
Supporting files or evidence
No response
Where did you find this information?
No response
Operating System
Windows
Code of Conduct
The text was updated successfully, but these errors were encountered: