The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not prevent DCE/RPC connection reflection, which allows local users to gain privileges via a crafted application, aka "Windows RPC Elevation of Privilege Vulnerability."
Trebuchet #####MS15-076 (CVE-2015-2370) Privilege Escalation ######Copies a file to any privileged location on disk Compiled with VS2015, precompiled exe in Binary directory Usage: trebuchetexe C:\Users\Bob\Eviltxt C:\Windows\System32\Evildll This is a lightly modified Proof of Concept by James Forshaw with Google, found here: codegooglecom/p/google-security-resear
Resources About Windows Security. 1100+ Open Source Tools. 3300+ Blog Post and Videos.
Pastebin is for old hats. Cool black hats use Twitter now
Hackers collectively tripled the production of Proof-of-Concept exploits last year, according to a new study out on Thursday.
Researchers and black hats develop proof-of-concept (PoC) exploits for research or demonstration purposes.
These PoCs are developed for a various reasons – to demonstrate that software is vulnerable, force a company to develop a critical patch, showcase skills, or, in the most malicious cases, claim ownership of a working exploit that can run on real-world t...
Microsoft releases a long list of updates to multiple technologies today with 14 Security Bulletins (MS15-058, MS15-065 – MS15-077) patching 58 vulnerabilities, and at least 47 of them reported through a a responsible disclosure channel. Meanwhile, several are being used and detected ITW as a part of limited targeted attacks, like the Microsoft Office RCE cve-2015-2424, ATMFD.DLL EoP cve-2015-2387, and the Internet Explorer JScript9 RCE cve-2015-2419. Some were the result of breach leaks as ...