Pentester's NTFS Tricks Collection (CVE-2018-1036, NTFS Elevation of Privileges)
In Summary : In this blog post René Freingruber ( @ReneFreingruber ) from the SEC Consult Vulnerability Lab shares different filesystem t...
https://updatesinfosec.blogspot.com/2018/06/pentesters-ntfs-tricks-collection-cve.html
In Summary :
In this blog post René Freingruber (@ReneFreingruber) from the SEC Consult Vulnerability Lab shares different filesystem tricks which were collected over the last years from various blog posts or found by himself. These tricks don’t lead to a directly exploitable condition, however, they can indirectly lead to exploitable flaws in special situations because of the non-intuitive behavior. Please note that only information on how to exploit the problems together with the impact will be explained (without technical low level details on the Windows API), as this would go beyond the scope of the article. [...]
kindly refer the following link as follow up :
https://ift.tt/2y6N9X0
In this blog post René Freingruber (@ReneFreingruber) from the SEC Consult Vulnerability Lab shares different filesystem tricks which were collected over the last years from various blog posts or found by himself. These tricks don’t lead to a directly exploitable condition, however, they can indirectly lead to exploitable flaws in special situations because of the non-intuitive behavior. Please note that only information on how to exploit the problems together with the impact will be explained (without technical low level details on the Windows API), as this would go beyond the scope of the article. [...]
kindly refer the following link as follow up :
https://ift.tt/2y6N9X0
