GhostHook: A Kernel-Level Threat in 64-Bit Windows Systems


GhostHook is a new attack technique that allows hackers to bypass the kernel protections of Windows 10 PatchGuard and plant rootkits within systems. PatchGuard is a software tool designed to prevent the kernel of 64-bit versions of Windows operating systems from being patched, which stops attackers from executing malicious code or running rootkits at the kernel level.

According to the researchers at CyberArk, GhostHook is neither an elevation nor an exploitation technique but a post-exploitation attack where the attacker has control over the compromised system. It provides the hacker with the ability to hook almost any piece of code running on the system.


PHP-7 for EasyApache3


The latest versions of cPanel come with EasyApache 4, which provides many new features such as PHP 7 support and native support for multiple PHP versions. It is therefore recommended to migrate to EasyApache 4 to use these features. However, if you cannot migrate to EasyApache 4 for some reason (for example, Tomcat support), you will have to compile PHP 7 manually from source to use it with EasyApache 3.


How to perform fsck on a ploop container?


For various reasons, such as a system crash or an incorrect replication level, the file system in a ploop container can become corrupted, which can result in data loss. It is therefore necessary to check the file system in a ploop container for consistency to avoid this loss of data.

Error

~# vzctl start 123

Starting container…

Opening delta /vz/private/123/root.hdd/root.hdd

Adding delta dev=/dev/ploopxxxxx img=/vz/private/123/root.hdd/root.hdd (rw)

/dev/ploopxxxxxp1: UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY.

(i.e., without -a or -p options)

Error in e2fsck (fsutils.c:315): e2fsck failed (exit code 4)

Failed to mount image: Error in e2fsck (fsutils.c:315): e2fsck failed (exit code 4)
