Jump to content

Need some help with ideas for a netsec capstone project

2FA
By 2FA
in Off Topic
 Share
Posted

I'm graduating next semester and so I'll need to complete a capstone project. It's not really super serious other than I need an idea for a project. There isn't really any specific part of the field that particularly interests me so I've been having a difficult time thinking of an idea. Just need some general suggestions so I can pick a direction to go in as I'm not very imaginative.

[Out-of-date] Want to learn how to make your own custom Windows 10 image?

 

Desktop: AMD R9 3900X | ASUS ROG Strix X570-F | Radeon RX 5700 XT | EVGA GTX 1080 SC | 32GB Trident Z Neo 3600MHz | 1TB 970 EVO | 256GB 840 EVO | 960GB Corsair Force LE | EVGA G2 850W | Phanteks P400S

Laptop: Intel M-5Y10c | Intel HD Graphics | 8GB RAM | 250GB Micron SSD | Asus UX305FA

Server 01: Intel Xeon D 1541 | ASRock Rack D1541D4I-2L2T | 32GB Hynix ECC DDR4 | 4x8TB Western Digital HDDs | 32TB Raw 16TB Usable

Server 02: Intel i7 7700K | Gigabye Z170N Gaming5 | 16GB Trident Z 3200MHz

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author

Actually, just thought of an idea. Going to make use of the recent Task Scheduler ALPC exploit.

[Out-of-date] Want to learn how to make your own custom Windows 10 image?

 

Desktop: AMD R9 3900X | ASUS ROG Strix X570-F | Radeon RX 5700 XT | EVGA GTX 1080 SC | 32GB Trident Z Neo 3600MHz | 1TB 970 EVO | 256GB 840 EVO | 960GB Corsair Force LE | EVGA G2 850W | Phanteks P400S

Laptop: Intel M-5Y10c | Intel HD Graphics | 8GB RAM | 250GB Micron SSD | Asus UX305FA

Server 01: Intel Xeon D 1541 | ASRock Rack D1541D4I-2L2T | 32GB Hynix ECC DDR4 | 4x8TB Western Digital HDDs | 32TB Raw 16TB Usable

Server 02: Intel i7 7700K | Gigabye Z170N Gaming5 | 16GB Trident Z 3200MHz

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Oh. I like thinking out of the box... could you use one of these multithread/etc exploits to secretly SEND information? Like instead of using it to hack/crack a PC password, use it as the control and communication for malware... so harder to detect (no cross pollination? Or less packets on the network?)? Thread 1 would just write to it's own memory, and look benign. Thread 2 would appear to be checking it's own memory, but would be exploiting the timing bugs. XD

 

Or go one above, and have a system that flags when it detects software putting sensitive data in there... like if you load up facebook, and it does not flush out your password, it would popup "password detected in exploitable code". Well, I guess they should be checking this stuff at compile, but a way to check it in a live environment would be fun. XD

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Off Topic

×