#general
Madhur Jodhwani

08/13/2021, 8:38 AM
How to change osqueryd name in CMD and also in process log, like I want to launch it as madhurs_daemon --flagfile=flagfile.txt instead of osqueryd --flagfile=flagfile.txt and it should be seen as madhurs_daemon in the process log as well as in the console application, any idea or any stuff I need to check out?
Jams

08/13/2021, 5:33 PM
Renaming osqueryd is not only security through obscurity but I’m now wondering if this feature can be abused so that a malicious osqueryd process can co-exist alongside a defensive osqueryd? 🤔
Mystery Incorporated

08/14/2021, 12:35 PM
Lol look at the teardowns of ransomware and see all the hardcoded paths and process names that they are checking to kill, such a simple way to defeat that is to change path and process name. I see Bitdefender now lets you push out policies with varying install path in the start of trying to remedy this threat. You keep telling yourself in your fantasy world it's security through obscurity mate, let the rest of us mitigate against REAL threats.
Madhur Jodhwani

08/16/2021, 4:28 AM
@Mystery Incorporated so please can you explain how to change the name?