CardConquest GameDev Blog #5: Collapsing Multiple Units
In my previous post I mentioned that I next want to…When multiple units of the same type are on a tile, I want those units to “collapse” into one unit, and text to display something like “x2”
All posts by jmurphy5277
CardConquest GameDev Blog #4: Moving Units on the Land Tiles
Last post I created some land tiles and aligned them in a grid/map of sorts. This post, I hope to get units to be able to move on those tiles when the player clicks on them.
CardConquest GameDev Blog #3: Adding New Unit and Land Object
In this post, I plan to do the following:
1.) Add a new unit type: a tank
2.) Create land objects that the units will move on
CardConquest GameDev Blog Post 2: Highlighting Selected Object
In my first game dev blog post, I showed how to select an object when you clicked on it. In this post, I’ll make it so when you click on an object, that object is “highlighted” to show the player what objects they have selected.
CardConquest GameDev Blog: Selecting Object with Mouse Click
I wanted to also create this GameDev Blog to document my progress making this game in Unity to 1.) Reinforce what I was learning in Unity by making myself describe what I was doing, and 2.) Hopefully provide some useful information to any other would-be game makers out there on how I figured out how to do things.
Update to Get-RBCD-Threaded: Including WriteDacl and WriteProp
In my previous post on resource-based constrained delegation (RBCD), I created a tool called Get-RBCD-Threaded to enumerate AD environments for possible RBCD attack paths. Get-RBCD-Threaded worked by finding AD users, groups, and computer objects that had either GenericAll, GenericWrite, or WriteOwner privileges on another computer object. These permissions would allows you to modify the ms-DS-Allowed-To-Act-On-Behalf-Of-Other-Identity…
Getting Rastamouse’s AmsiScanBufferBypass to Work Again
When I need to bypass AMSI, I tend to use RastaMouse‘s AmsiScanBufferBypass. Rastamouse has a few blog posts that cover how it works. The basics of it is this: Load amsi.dll, then patch the AmsiScanBuffer() function so that it always returns AMSI_RESULT_CLEAN. This allows for your nasty payloads to execute without AMSI ruining your day.…
DLL Search Order Hijacking with vmms.exe / Hyper-V
In one of my darker moments, I decided to install Hyper-V on my Windows 10 desktop. While looking into other issues on my system, I noticed that during sytstem startup vmms.exe, which is related to Hyper-V, was looking for a DLL in a directory I had added to my path. To test out if this…
Unprivileged Zoom Persistence Part 2 – COM Hijacking
In a previous post I discussed how to do user persistence with the Zoom client by abusing its folder permissions to drop a DLL and patching the Zoom.exe binary. Zoom fixed the issue of dropping an arbitrary DLL to be loaded by Zoom by adding a check for loaded DLLs, and patching the binary is…
Privilege Escalation and Persistence through Steam Install Scripts
Note: These issues were last tested with the Steam version shown below: After playing around looking for DLL side-loading issues in System32, I started looking around on my system outside of System32 for any interesting applications I had installed that could be leveraged. One application that immediately caught my eye was Steam, since its installation…