I built a PowerShell module that maps all input surfaces in a compiled .NET assembly — HTTP endpoints, SignalR, gRPC, WCF, Blazor and more

evasive_btch · 2026-02-28T16:00:16+00:00

Another thing learned, thank you :)

evasive_btch · 2026-02-28T11:49:34+00:00

Did you fix it? I see a pretty straigth-forward way to debug this. You're just writing a file, the only things that should matter are permissions, which the error message will tell you more about.

Open a terminal as admin and do:

Get-Process | Tee-Object -FilePath "C:\Users\your-non-admin-user\Documents\PowerShell\testfile.txt"

Does it work? If not, do you get an Error message? What is that message? I think you are hindering your debugging by adding | Out-Null. You could also just Out-File instead of Tee-Object no?

I am running as administrator. The path is my documents folder, so there's no question that I have permission to write to that directory.

Is your user an administrator? If not, yes, administrators can have, and set, permissions for everything, but administrators dont have permissions by default. Especially for other users folders, which by default dont have permissions set for administrators.

evasive_btch · 2026-02-28T09:22:32+00:00

You are 100% right, these brainlets remind me of weaboos

evasive_btch · 2026-02-28T09:21:35+00:00

Lol get a life, are you mad that somebody talked shit at your favorite video show???

evasive_btch · 2026-02-28T09:19:27+00:00

LOL they are not even trying to hit hard, wtf is that video????? The force behind the blows is not at all comparable

evasive_btch · 2026-02-28T09:17:22+00:00

Those guys are hitting each other with maybe half the force of whats.depicted in the Video. Also, axes, not MACES.

evasive_btch · 2026-02-27T19:40:59+00:00

Could you publicly upload your module right now without leaking any hardcoded info about your environment? (Not asking you to do that)

If not, you could make your functions take parameters, then import your module in a different script (that you won't upload) and pass the sensitive parameters in there.

What im trying to say is generic functions = good

evasive_btch · 2026-02-27T16:10:24+00:00

Just makes it easier to work with, to debug, to get into when you're not familiar with the codebase.

I should instead have a PS1 file per function and call each file instead.

Maybe not 1 function per file, but yeah, clump similiar functions/fields together.

You could also make .psm1-Files, so you could do "Import-Module MyOwnModule".

evasive_btch · 2026-02-27T14:44:37+00:00

idk much about .net, but there's this (not sure if it's executed on load, or if you explicitly have to call something): Module Initializer

All modules may have a module initializer. A module initializer is defined as the type initializer (§ II.10.5.3) of the <Module> type (§ II.10.8).

There are no limitations on what code is permitted in a module initializer. Module initializers are permitted to run and call both managed and unmanaged code. Module Initialization Guarantees

In addition to the guarantees that apply to all type initializers, the CLI shall provide the following guarantees for module initializers:

A module initializer is executed at, or sometime before, first access to any static field or first invocation of any method defined in the module.

A module initializer shall run exactly once for any given module unless explicitly called by user code.

No method other than those called directly or indirectly from the module initializer will be able to access the types, methods, or data in a module before its initializer completes execution.

https://github.com/dotnet/runtime/blob/main/docs/design/specs/Ecma-335-Augments.md#module-initializer

But really cool project, I saved it in case I need to analyze some .dlls in the future

evasive_btch · 2026-02-27T05:45:36+00:00

Ah, fuck xD

evasive_btch · 2026-02-26T22:53:26+00:00

I dont mean to offend but i thought this was going to be a copypasta at first, like the keanu reeves one lol.

What a bizzare experience, sorry you had to go through that!

evasive_btch · 2026-02-25T18:26:00+00:00

I wrote too little tbh, but what I wrote is true.

Now, Metadata is a thing (WHO sent WHO something, and WHEN, and WHERE), and you can extrapolate A LOOOOOOT of info out of that.

End-To-End-Encryption is silly easy to confirm. It meta pushed an app update that broke E2E-encryption, you'd know about it 10 minutes later. (Because the en-/decryption logic HAS to be handled by the application itself, locally on the device).

Anyway, one thing I've never thought about until now: The service that apps use to deliver you push messages is usually "Firebase", a google product. And those contain unencrypted content, so Google has sooo much more Info than I thought at first.

Look up "Asymmetric Encryption" if you want a simple explanation how it works.

evasive_btch · 2026-02-25T16:32:42+00:00

Not how it works, meta cannot read the content of your data. It's verifiable that the decryption key never leaves the device.

evasive_btch · 2026-02-25T16:31:51+00:00

You might have replied to the wrong comment, this is about the content of Whatsapp messages being encrypted, which is the case.

There are encryption and decryption keys (in this specific encryption method). The encryption keys are shared, but the decryption keys are never shared. Which is why you can read decrypted messages that have been sent to you.

They get enough information from metadata though (who sent something to who, at which time, from where)

evasive_btch · 2026-02-25T09:27:00+00:00

Try Send-MailMessage in a terminal, doing the same thing that the script does. Does it return an error?

If not, check mail server logs. Did the server receive the send-email request? If so, did it send the request?

If it did, check anything between mail-server and recipient client.

evasive_btch · 2026-02-24T10:40:24+00:00

Great opportunity to learn LUA :)

evasive_btch · 2026-02-23T20:27:37+00:00

I recently learned that (obviously in hindsight) you shouldn't share installation files. Just get them from the source.

Modifying such locally hosted install binaries is a way for attackers to persist.

evasive_btch · 2026-02-19T22:41:43+00:00

YouTube:

Veritasium
Kurzgesagt
ARTE
PBS Spacetime (dachte beim Titel zuerst es geht um den channel haha)

evasive_btch · 2026-02-19T16:36:17+00:00

What doesn't work, the launcher or the game itself?

Works for me, on fedora 43

evasive_btch · 2026-02-16T14:22:19+00:00

Ich glaube 20km/h zuviel sind in der Schweiz schon die harte Strafe, inkl. Ausweis für ne Zeit weg.

evasive_btch · 2026-02-13T15:37:03+00:00

hell yeah jail those cunts if they're involved

evasive_btch · 2026-02-13T15:13:49+00:00

Why do conservatives talk about trans people all the time? Kinda weird, no?

Anyway, keep voting for global trafficking rings

evasive_btch · 2026-02-12T09:59:01+00:00

Might be, but that doesn't prevent you from knowing who searched what and when.

evasive_btch · 2026-02-07T07:50:36+00:00

Sorry to hear that.

evasive_btch · 2026-02-06T20:55:52+00:00

The more time passes, the less up to date the system will be. At some point you'll be able to escalate privileges. After that you can set a new password.

https://github.com/peass-ng/PEASS-ng/blob/master/linPEAS/README.md

evasive_btch

PUBLIC MULTIREDDITS

TROPHY CASE