2 matches found
๐ Backdoor.Win32.Poison.jh Insecure File Permissions / Privilege Escalation
This python script demonstrates a local privilege escalation exploit targeting a vulnerability in the Backdoor.Win32.Poison.jh malware sample. The exploit leverages insecure file permissions created by the malware itself, allowing any local user to replace the malicious executable with arbitrary...
๐ Backdoor.Win32.Poison.jh MVID-2025-0704 Insecure Permissions
Backdoor.Win32.Poison.jh malware creates the directory 28463 under C:\Windows\SysWOW64, granting Full F permissions to the Everyone user group. This allows any local user to modify or replace any dropped files, enabling trivial malware disruption or execution hijacking. This reflects poor...